Thanks for getting back to me so quickly! Maxim Dounin Wrote: ------------------------------------------------------- > What nginx doesn't support (or, rather, explicitly forbids) is > renegotiation. On the other hand, renegotiation is required if > one needs to ask for a client certificate only for some URIs, so > it's likely used in your case. You should see something liby lieut_data - Nginx Mailing List - English
I was excited to see proxy_ssl_certificate and friends land in Nginx 1.7.8, and decided to revisit Nginx as a candidate for proxy caching an upstream server requiring client authentication. I've included the debugging configuration I've been playing around with at the end of this post. This particular upstream server does not trigger client authentication for all endpoints. For example, I can iby lieut_data - Nginx Mailing List - English