I`m building a proxy server that should receive HTTPS requests on port 9700 and send them as is to another web server on another machine, also to port 9700, where the requests will be processed by the relevant application. I have tried multiple Nginx configurations till now, here are the last configuration I tried:
On the proxy machine:
server {
listen 9700 ssl;
ssl_certificate /etc/nginx/cert/example.crt;
ssl_certificate_key /etc/nginx/cert/example.key;
ssl_client_certificate /etc/nginx/cert/example.crt;
ssl_verify_client on;
location / {
proxy_pass https://example.myhost.com:9700/;
proxy_set_header User-Agent "";
set $max_chunk_size 10485760;
set $max_body_size 10485760;
proxy_http_version 1.1;
client_max_body_size 10M;
}
}
On the second machine that should process the requests:
upstream receiver {
server reciverIP:PORT;
}
server {
listen 9700 ssl;
ssl_certificate /etc/nginx/cert/example.crt;
ssl_certificate_key /etc/nginx/cert/example.key;
ssl_client_certificate /etc/nginx/cert/example.crt;
ssl_verify_client on;
location / {
proxy_set_header User-Agent "";
proxy_pass http://receiver/;
set $max_chunk_size 10485760;
set $max_body_size 10485760;
proxy_http_version 1.1;
client_max_body_size 10M;
}
}
The result is that the proxy server seems like succeeding to transfer the requests but the receiver server replies with a 400 error. At the error log, I receive an error about the certificate, although the certificate is configured for all example.myhost.com DNS, and present at both configurations. This is the error message:
2022/06/06 18:08:23 [info] 8484#8484: *677 client sent no required SSL certificate while reading client request headers, client: IP, server: , request: "POST /SOMEINFO?key=902e6d820cb84ytdaaa618ae74f677e0&token=3af69f74db7872f89f67b5154c41f4de HTTP/1.0", host: "example.myhost.com:9700"
If I stop sending the requests to the second machine the proxy server receives and handles the requests.
Any ideas on how I can make this work would be deeply appreciated. If something wasn't clear from my explanation please let me know.