Nginx 1.9.5 (linux Centos7)--> MS IIS 8.5
So i try to use nginx as client revers proxy for IIS where need client certificate authentication at IIS level.
nginx:443->>IIS:443+client certificate authentications.

example location proxy pass
also here are commented commands which i try.
location ^~ /test/ {
#proxy_buffering off;
#proxy_http_version 1.0;
#proxy_request_buffering off;
#proxy_set_header Connection "Keep-Alive";
#proxy_set_header X-SSL-CERT $ssl_client_cert;
# proxy_ssl_name domain.lv;
#proxy_ssl_trusted_certificate /etc/nginx/ssl/root/CA.pem;
#proxy_ssl_verify_depth 2;

proxy_set_header HOST domain.com;
proxy_ssl_certificate /etc/nginx/ssl/test.pem;
proxy_ssl_certificate_key /etc/nginx/ssl/test_key.pem;
proxy_ssl_verify off;
proxy_pass https://10.2.4.101/;

}

At IIS simple.
1. create new website.
2. import CA cert in trusted root.
3. set ssl cert required.

Test what i get :
1. Directly browser to IIS client cert required--worked.
2. Nginx to other nginx client cert required--worked.
3. Nginx to IIS client cert ignore--worked
4. Nginx to IIS client cert required or accept - NOT work



ERROR:
Nginx side:
*4622 upstream timed out (110: Connection timed out) while reading response header from upstream
*4622 access forbidden by rule, client: 10.2.6.1
IIS side:
500 0 64 119971

So i hope someone could know why?