Fix nginx config

Fix nginx config for AAF so that certificate can go through it Issue-ID: CLAMP-519 Change-Id: Ie10975d733107022b933b83354881fd704512e26 Signed-off-by: sebdet <sebastien.determe@intl.att.com>
author: sebdet <sebastien.determe@intl.att.com> 2019-10-17 11:17:03 +0200
committer: sebdet <sebastien.determe@intl.att.com> 2019-10-17 11:17:03 +0200
commit: 8ed71d0cfe1f7466b6169e7f9585b3f8616eba19 (patch)
tree: 3a8661da70d21fd5c8f21b9b0b272650ba48e277 /src
parent: dcc4bdc4e0f8b614e36a7ef0a2d97e2b6b5e3201 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/src/main/docker/frontend/nginx/nginx.conf b/src/main/docker/frontend/nginx/nginx.conf
index 5bcac5cf..e18c1e83 100644
--- a/src/main/docker/frontend/nginx/nginx.conf
+++ b/src/main/docker/frontend/nginx/nginx.conf
@@ -4,8 +4,10 @@ server {
   ssl_protocols TLSv1.2;
   ssl_certificate /etc/ssl/clamp.pem;
   ssl_certificate_key /etc/ssl/clamp.key;
+  ssl_verify_client optional_no_ca;
     location /restservices/clds/ {
         proxy_pass https://clamp-backend:8443;
+        proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
     }
   
   location / {
author	sebdet <sebastien.determe@intl.att.com>	2019-10-17 11:17:03 +0200
committer	sebdet <sebastien.determe@intl.att.com>	2019-10-17 11:17:03 +0200
commit	8ed71d0cfe1f7466b6169e7f9585b3f8616eba19 (patch)
tree	3a8661da70d21fd5c8f21b9b0b272650ba48e277 /src
parent	dcc4bdc4e0f8b614e36a7ef0a2d97e2b6b5e3201 (diff)