2024-12-05 10:36:22 -05:00
|
|
|
server {
|
2024-12-22 22:27:14 -05:00
|
|
|
listen 443 ssl;
|
|
|
|
|
listen [::]:443 ssl;
|
2024-12-05 10:36:22 -05:00
|
|
|
server_name offsite-ejbca.mracs.dev;
|
|
|
|
|
|
2024-12-22 22:27:14 -05:00
|
|
|
large_client_header_buffers 4 16k;
|
|
|
|
|
|
2024-12-05 10:36:22 -05:00
|
|
|
location / {
|
2024-12-05 10:41:19 -05:00
|
|
|
allow 63.141.252.133;
|
2024-12-05 10:36:22 -05:00
|
|
|
deny all;
|
2024-12-22 21:40:43 -05:00
|
|
|
proxy_pass https://localhost:7563;
|
2024-12-22 22:30:00 -05:00
|
|
|
proxy_set_header X-SSL-CERT $http_x_ssl_cert;
|
2024-12-05 13:05:54 -05:00
|
|
|
proxy_set_header X-Client-Verify $http_x_client_verify;
|
2024-12-22 22:30:00 -05:00
|
|
|
proxy_set_header X-Client-DN $http_x_client_dn;
|
|
|
|
|
proxy_set_header X-Client-Serial $http_x_client_serial;
|
2024-12-05 10:36:22 -05:00
|
|
|
}
|
|
|
|
|
|
2024-12-22 22:03:47 -05:00
|
|
|
location /test-headers {
|
|
|
|
|
return 200 "X-SSL-CERT: $http_x_ssl_cert\nX-Client-Verify: $http_x_client_verify\nX-Client-DN: $http_x_client_dn\nX-Client-Serial: $http_x_client_serial\n";
|
|
|
|
|
add_header Content-Type text/plain;
|
|
|
|
|
}
|
2024-12-05 10:36:22 -05:00
|
|
|
}
|
