ssl - Nginx DataPower 2 路 TLS
问题描述
我有 Nginx,它通过双向 TLS 从客户端向 IBM DataPower 发出代理请求。
从 Nginx 向 IBM DP 发送消息时出现错误:sll server (SERVER) ssl peer did not send a certificate during the handshake datapower
从我的 Nginx 配置中删除
location ~ path {
proxy_pass https://HOST:PORT; # DataPower
proxy_ssl_trusted_certificate /opt/nginx/ssl/tr/ca-chain.cert.pem;
proxy_ssl_certificate /opt/nginx/ssl/client/client-nginx_cert.pem;
proxy_ssl_certificate_key /opt/nginx/ssl/client/client-nginx_key.pem;
proxy_http_version 1.1;
proxy_ssl_server_name on;
proxy_ssl_name HOST;
proxy_set_header Host HOST;
proxy_ssl_verify off;
proxy_ssl_verify_depth 2;
}
消息从客户端直接发送到 IBM DP,没有错误。
解决方案
你可以尝试添加proxy_set_header X-SSL-CERT $ssl_client_cert;