Class NginxProxySslClientCertificateLookup

  • All Implemented Interfaces:
    Provider, X509ClientCertificateLookup

    public class NginxProxySslClientCertificateLookup
    extends AbstractClientCertificateFromHttpHeadersLookup
    The NGINX Provider extract end user X.509 certificate send during TLS mutual authentication, and forwarded in an http header. NGINX configuration must have : server { ... ssl_client_certificate path-to-my-trustyed-cas-for-client-auth.pem; ssl_verify_client on|optional_no_ca; ssl_verify_depth 2; ... location / { ... proxy_set_header ssl-client-cert $ssl_client_escaped_cert; ... } Note that $ssl_client_cert is deprecated, use only $ssl_client_escaped_cert with this implementation
    Since:
    10/09/2018
    Version:
    $Revision: 1 $
    Author:
    Arnault MICHEL