I have problem with rewriting of apache conf to nginx. I need to pass subject DN of client certificate to username for basic auth.
Apache conf:
SSLCACertificateFile /etc/apache2/ssl/ca.pem
SSLVerifyClient require
SSLVerifyDepth 2
<Location />
SSLOptions +FakeBasicAuth +StrictRequire
Require valid-user
AuthName "Authentication"
AuthType Basic
AuthUserFile "/etc/apache2/ssl/httpd.passwd"
</Location>
current NGINX conf:
ssl_client_certificate /etc/pki/tls/custom-ca-bundle.pem;
ssl_verify_client on;
ssl_verify_depth 2;
if ($ssl_client_verify != SUCCESS) {
return 403;
}
auth_basic "Authentication";
auth_basic_user_file /etc/nginx/.htpasswd;
For Apache now doing this job prefectly: SSLOptions +FakeBasicAuth, but I don't know how to do it for NGINX.