If your client needs to call the nginx proxy instead of the service then the proxy must provide all the server side ssl setup including the 2 way ssl rules which client certs are allowed to connect.
Christian 2017-06-23 15:30 GMT+02:00 Arek R. <[email protected]>: > 1. I've a requirement to implement 2 way ssl. I'm using > JaxWsProxyFactoryBean, set TlsClientParams and manage to run a test via > https. 1 way ssl is working. > Now want to add a client certificate cause there's an error in the server > log like 'client sent no required SSL certificate while reading client > request headers' but cannot find any good example how to do it. Any hint ? > > 2. If ssl terminates at nginx server am I able to recognize the client on > the web server ? > I guess no and in such case I should handle ssl at jetty/cxf level. Please > confirm. > Or the only way is to sign the messages and then it doesn't matter where > ssl is handled. > -- -- Christian Schneider http://www.liquid-reality.de <https://owa.talend.com/owa/redir.aspx?C=3aa4083e0c744ae1ba52bd062c5a7e46&URL=http%3a%2f%2fwww.liquid-reality.de> Open Source Architect http://www.talend.com <https://owa.talend.com/owa/redir.aspx?C=3aa4083e0c744ae1ba52bd062c5a7e46&URL=http%3a%2f%2fwww.talend.com>
