Hi,
I’m using ssl_client_certificate, I want to set “proxy_set_header
X-Cert-DN
$ssl_client_s_dn;” when I proxy.
I’ve ssl_verify_client set to optional - this all works great, but in
the
browser, the user gets a cert prompt. Is there a way I can avoid the
cert
prompt - so the header will get set if a cert is supplied, but otherwise
it
won’t prompt the user? (So curl -e cert.crt https://mysite should get
the
cert header, but a browser shouldn’t know about it).
Cheers,
Chris
Posted at Nginx Forum: