server/configs/nginx/get-team/client-cert.conf

20 lines
448 B
Plaintext

set $auth_basic "Challenge FIC";
if ($ssl_client_verify != "SUCCESS") {
set $team "$remote_user";
set $needauth "1";
}
if ($ssl_client_verify = "SUCCESS") {
set $team "_AUTH_ID_$ssl_client_serial";
set $auth_basic off;
set $needauth "0";
}
if (!-f /srv/PKI/shared/ficpasswd) {
set $needauth "${needauth}0";
}
if ($needauth = "10") {
return 401;
}
auth_basic $auth_basic;
auth_basic_user_file /srv/PKI/shared/ficpasswd;