DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Corrects the location of proxy_set_header for client certificate

Browse source
This commit is contained in:
Ricardo Pchevuzinske Katz 2017-02-07 15:25:02 -02:00
parent 0518f47fb4
commit ef7be11c6b
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
View file

@ -226,8 +226,6 @@ http {
ssl_client_certificate {{ $location.CertificateAuth.CAFileName }};
ssl_verify_client on;
ssl_verify_depth 10;
proxy_set_header SSL_CLIENT_CERT $ssl_client_cert;
{{ end }}
{{ if not (empty $authPath) }}
@ -294,6 +292,11 @@ http {
proxy_set_header Host $host;
# Pass the extracted client certificate to the backend
{{ if not (empty $location.CertificateAuth.CAFileName) }}
proxy_set_header ssl-client-cert $ssl_client_cert;
{{ end }}
# Pass Real IP
proxy_set_header X-Real-IP $remote_addr;