Dualton
September 26, 2024, 6:48am
4
Ok, to rephrase this: of course I will have to expose 443, but I want nginx to secure the connection by using mTLS, as described in
Feasibility of hosting Teddycloud
My question is:
In the example nginx configs that are provided in that thread, different certificates and keys are used.
Do they differ from the certificates provided during teddycloud initial startup?
If so, how were they generated?
How were the keys generated?
I'm referring to:

map $ssl_client_fingerprint $reject {
    default 1;
    "b571ef0c5841a7c23bfce63f1a20286fcfcfcfcf" 0;
}
ssl_certificate /etc/ssl/certs/server/ttt-fullchain.pem;
ssl_certificate_key /etc/ssl/certs/server/ttt.pem;
ssl_client_certificate /etc/ssl/certs/client/ca.pem;

map $ssl_client_fingerprint $toniebox {
    default invalid;
    "client_cert_fingerprint" my_toniebox;
}
ssl_certificate /teddycloud/server/fullchain.pem;
ssl_certificate_key /teddycloud/server/ca-key.key;
proxy_ssl_certificate /teddycloud/client/client.pem;
proxy_ssl_certificate_key /teddycloud/client/client.key;

Thanks for any help!