I am trying to set up a reverse proxy to the Windows Admin Center (WAC). The
WAC requires the use of a client certificate for authentication. When I log
into the WAC via https://localhost:6516 or https://192.168.0.100:6516 I am
prompted for the certificate and everything works fine. If I attempt to log
in from outside my network across the WAN, I simply receive a 403 without
being prompted for the certificate.
Microsoft says if you don't get the certificate prompt or choose the wrong
one, you will get the 403, so I think something with my nginx reverse proxy
config needs to be set to pass the certificate request through?
Here is the relevant config ... I started with nothing but a bare proxy_pass
and have added the rest of the directives on as I was trying to get it
working.
location /winac {
proxy_pass
https://192.168.0.100:6516;
proxy_ssl_verify off;
proxy_set_header X-SSL-CERT
$ssl_client_escaped_cert;
proxy_set_header X-SSL-CERT
$ssl_client_cert;
proxy_pass_request_headers on;
}
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,280385,280385#msg-280385
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
