In case of a certificate hierarchy "CA -> Interm1 -> Interm2 -> a client certificate", after a successful SSL handshake the ssl_client_cert variable contains the client certificate but not the whole chain up to the CA certificate. Is there a variable/way to get the chain to put it into a header of a proxy_pass request?by sedov.alx - How to...
I didn't find a way to achieve the goal above. In the end, we decided to use `optional_no_ca` mode and validate certificates on our backend side.by sedov.alx - How to...
We are using nginx as a reverse proxy to enable a client certificate authentication for our REST API endpoints. The config is as follows: server { listen 443 ssl; ssl_certificate /Users/asedov/Documents/work/ssl/openssl-scripts/ca/certs/test-backend_crt.pem; ssl_certificate_key /Users/asedov/Documents/work/ssl/openssl-scripts/ca/private/test-backend_key.pem;by sedov.alx - How to...