mTLS validation from customer header
July 12, 2024 06:46AM
Hi

Is it somehow possible to get nginx to validate the mTLS from an customer header ?
Maybe by setting it to the variable of https://nginx.org/en/docs/http/ngx_http_ssl_module.html#var_ssl_client_cert , but I cannot find an way to do this.
Im asking, because AWS ALB, sends the client-cert as part of their custom header "X-Amzn-Mtls-Clientcert".
ref: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/mutual-authentication.html

I can see the header just fine in nginx, but I find no way to validate this.

Setup is extremely simple.
WAN -> ALB -> NGINX

Thanks
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 135
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready