SSL proxy client certificate rewrite to username/password

I want to use VoltDB’s HTTP JSON interface
section 15.2.1

I also want to use certificate based authentication of the client. I am
thinking that I can use nginx as SSL frontend and have it rewrite the
URL to
include a randomly generated username and password as required by
But, I can’t figure out how to write the rewrite rule in nginx’s conf
I need to write multiple rules like this:
if client certificate common name is X, add to URL the arguments,
user=PRF(x, u)&password=PRF(x, p) where PRF is a pseudo random function

Is this possible? How? I appreciate your help!

Posted at Nginx Forum: