Hi, I have setup nginx as a ssl reverse proxy for tomcat. I am doing matching based on client DN like that: ssl on; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; ssl_client_certificate /etc/ssl/certs/ca.crt; ssl_verify_client on; location /client2 { if ($ssl_client_s_dn = "/C=US/ST=OH/O=TEST.US/OU=ADM/CN=client2") { proxy_pass htby kefear - Nginx Mailing List - English