Anyone has any help?
I managed to setup a nginx entity.
I created the fullchain.pem by cat’ing teddy-cert.pem and ca-root.pem
Still not sure about the ssl_certificate_key. using teddy-key.pem did not work, hat to convert it with
openssl rsa -in /etc/nginx/certs/server/teddy-key.pem -out /etc/nginx/certs/server/teddy-key-converted.pem
my config looks like this:
http {
server {
listen 7443 ssl;
listen [::]:7443;
server_name _;ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!aNULL;# Server's certificate and private key ssl_certificate /etc/nginx/certs/server/fullchain.pem; ssl_certificate_key /etc/nginx/certs/server/teddy-key-converted.pem; # Require client certificate ssl_client_certificate /etc/nginx/certs/client/ca.pem; ssl_verify_client optional_no_ca; location / { proxy_pass https://teddycloud:443; # Forward to your cloud service proxy_ssl_certificate /etc/nginx/certs/client/client.pem; proxy_ssl_certificate_key /etc/nginx/certs/client/private.pem; proxy_ssl_conf_command Options UnsafeLegacyRenegotiation; }}
I am able to connect to teddycloud with curl or openssl_client using the client certs and ca-root.pem.
but if I try it with the box, I get a failed handshake “wrong signature type”.
Thanks!