【Question title】: Nginx ssl_verify_client and proxy_pass [closed]
【Posted】: 2014-07-03 10:27:24
【Question description】:

I have 2 Nginx servers, server1 and server2. server1 requires client SSL verification. server2 proxies all requests to server1.

The problem is that when I try to access my service directly from server1, the browser asks for my client certificate and it works fine.

But from server2, it always gives the error "400 Bad Request. No required SSL certificate was sent".

The server1 nginx config is:

server {
    listen       443;
    server_name  server1;
    ssl on;
    ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;
    ssl_client_certificate /etc/nginx/client_keys/keys.crt;
    ssl_verify_client on;
    ssl_verify_depth 1;
    ssl_session_timeout 5m;
    ssl_protocols SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass https://some-service;
    }
}

The server2 nginx config is:

server {
    listen       443  default_server;
    server_name  server2;
    ssl on;
    ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;
    ssl_client_certificate /etc/nginx/client_keys/keys.crt;

    location / {
        proxy_pass https://server1;
    }
}

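【Question discussion】:

Tags: ssl nginx


【Solution 1】:

Currently, nginx does not support this. But there is senginx[1], whose proxy module has been extended to support a client certificate handshake with the origin server.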

[1]http://www.senginx.org/en/index.php/Proxy_HTTPS_Client_Certificate
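
An added example, not part of the original answer or the asker's configuration: stock nginx 1.7.8 and later provides `proxy_ssl_certificate` and `proxy_ssl_certificate_key`, which let server2 present its own client certificate to server1. The `server2-client.*` and `upstream-ca.crt` paths and the `X-Client-DN` header name are assumptions; the other paths are taken from the question.

```nginx
# server2: verify the browser's certificate locally, then authenticate to
# server1 with server2's own client certificate.
server {
    listen       443 ssl default_server;
    server_name  server2;

    ssl_certificate         /etc/nginx/ssl/server.crt;
    ssl_certificate_key     /etc/nginx/ssl/server.key;

    # A TLS-terminating proxy cannot replay the browser's certificate to
    # server1, because it does not hold the matching private key. End-user
    # certificates therefore have to be verified here.
    ssl_client_certificate  /etc/nginx/client_keys/keys.crt;
    ssl_verify_client       on;
    ssl_verify_depth        1;

    location / {
        proxy_pass https://server1;

        # Certificate and key that server2 presents to server1 (assumed paths).
        # The certificate must chain to the CA file named in server1's
        # ssl_client_certificate, otherwise server1 still answers 400.
        proxy_ssl_certificate      /etc/nginx/ssl/server2-client.crt;
        proxy_ssl_certificate_key  /etc/nginx/ssl/server2-client.key;

        # Authenticate server1 too, so the proxy does not send requests to an
        # impostor upstream (assumed CA bundle path).
        proxy_ssl_trusted_certificate  /etc/nginx/ssl/upstream-ca.crt;
        proxy_ssl_verify               on;

        # Pass the verified end-user identity upstream. The header name is
        # hypothetical; proxy_set_header replaces any value the client sent.
        proxy_set_header  X-Client-DN  $ssl_client_s_dn;
    }
}
```

With this layout server1 sees server2's certificate, not the browser's, so any per-user authorization on server1 has to rely on the forwarded header and on server1 accepting connections only from server2's certificate.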

【Discussion】:
