unit icon indicating copy to clipboard operation
unit copied to clipboard
verified publisher icon nginx

Support TLS client side certificates

Open zueve opened this issue 6 years ago • 3 comments

Could you add support authentication by SSL/TLS client side certificates (https://en.wikipedia.org/wiki/Transport_Layer_Security#Client-authenticated_TLS_handshake) for NGINX Unit (like nginx with option ssl_client_certificate).

zueve avatar Feb 25 '19 14:02 zueve

This is still a very important feature / requirement but would mean we have to introduce the SSLClient side in NGINX Unit. This task has not beed started yet but for this reason I will keep the issue open and assign it to an engineer as soon as possible.

tippexs avatar Dec 01 '22 16:12 tippexs

Would also love to see support for this!

Cloudflare and NGINX Unit have been a great combination for us.

Being able to leverage Cloudflare’s authenticated origin pull setup (which requires these certificates) directly with NGINX Unit would be amazing. Thanks for all your work!

kylecotter avatar Sep 23 '24 15:09 kylecotter

@kylecotter would you be able to add more detail to this? How are you using or planning to use Unit in Cloudflare's environment, and what's stopping you currently from doing it? There are a lot of moving parts in implementing client side certificates, so we'd like to get this right and fit for purpose.

javorszky avatar Sep 30 '24 15:09 javorszky