server/configs/nginx/get-team/client-cert.conf

set $auth_basic "Challenge FIC";
if ($ssl_client_verify != "SUCCESS") {
    set $team "$remote_user";
    set $needauth "1";
}
if ($ssl_client_verify = "SUCCESS") {
    set $team "_AUTH_ID_$ssl_client_serial";
    set $auth_basic off;
    set $needauth "0";
}
if (!-f /srv/PKI/shared/ficpasswd) {
    set $needauth "${needauth}0";
}
if ($needauth = "10") {
    return 401;
}

auth_basic $auth_basic;
auth_basic_user_file /srv/PKI/shared/ficpasswd;
frontend: update notification icons 2020-01-15 08:54:54 +00:00			`set $auth_basic "Challenge FIC";`
Add configuration for prod 2018-01-21 16:03:45 +00:00			`if ($ssl_client_verify != "SUCCESS") {`
frontend: update notification icons 2020-01-15 08:54:54 +00:00			`set $team "$remote_user";`
			`set $needauth "1";`
Add configuration for prod 2018-01-21 16:03:45 +00:00			`}`
			`if ($ssl_client_verify = "SUCCESS") {`
			`set $team "_AUTH_ID_$ssl_client_serial";`
frontend: update notification icons 2020-01-15 08:54:54 +00:00			`set $auth_basic off;`
			`set $needauth "0";`
			`}`
			`if (!-f /srv/PKI/shared/ficpasswd) {`
			`set $needauth "${needauth}0";`
			`}`
			`if ($needauth = "10") {`
			`return 401;`
Add configuration for prod 2018-01-21 16:03:45 +00:00			`}`
frontend: update notification icons 2020-01-15 08:54:54 +00:00
			`auth_basic $auth_basic;`
			`auth_basic_user_file /srv/PKI/shared/ficpasswd;`