9048cf2758
* Fix Dockerfile * Add changes to docker image to support new client cert functionality * Update repo:tag for docker
68 lines
1.4 KiB
Text
68 lines
1.4 KiB
Text
server {
|
|
listen 80 default_server;
|
|
listen 443 ssl default_server;
|
|
|
|
server_name ansible.http.tests _;
|
|
|
|
ssl_certificate /root/ca/ansible.http.tests-cert.pem;
|
|
ssl_certificate_key /root/ca/private/ansible.http.tests-key.pem;
|
|
|
|
ssl_client_certificate /root/ca/cacert.pem;
|
|
ssl_verify_client optional;
|
|
|
|
location =/cacert.pem {
|
|
alias /usr/share/nginx/html/cacert.pem;
|
|
}
|
|
|
|
location =/client.key {
|
|
alias /usr/share/nginx/html/client.key;
|
|
}
|
|
|
|
location =/client.pem {
|
|
alias /usr/share/nginx/html/client.pem;
|
|
}
|
|
|
|
location =/ssl_client_verify {
|
|
return 200 "ansible.http.tests:$ssl_client_verify";
|
|
}
|
|
|
|
location / {
|
|
proxy_pass http://127.0.0.1:8000;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
listen 443 ssl;
|
|
|
|
server_name sni1.ansible.http.tests;
|
|
|
|
ssl_certificate /root/ca/sni1.ansible.http.tests-cert.pem;
|
|
ssl_certificate_key /root/ca/private/sni1.ansible.http.tests-key.pem;
|
|
|
|
location / {
|
|
return 200 "sni1.ansible.http.tests";
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
listen 443 ssl;
|
|
|
|
server_name sni2.ansible.http.tests;
|
|
|
|
ssl_certificate /root/ca/sni2.ansible.http.tests-cert.pem;
|
|
ssl_certificate_key /root/ca/private/sni2.ansible.http.tests-key.pem;
|
|
|
|
location / {
|
|
return 200 "sni2.ansible.http.tests";
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
|
|
server_name fail.ansible.http.tests;
|
|
|
|
rewrite /(.*) https://$host/$1 permanent;
|
|
}
|