Pulled client certificate veriification.

README.md

@@ -357,13 +357,6 @@ $ docker run -d -p 80:80 -p 443:443 \
 
 You'll need apache2-utils on the machine where you plan to create the htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
 
-### Client Certificates Support
-
-Client certificates can be supported by defining the following environment variables:
-`CLIENT_CA` to be set to the certificate to validate the clients against
-`VERIFY_CLIENT` can be set to `on` to  verify clients, `off` to ignore the client certificates, or `optional` the default to request but not verify
-`VERIFY_DEPTH` to the depth to verify the client certificate
-
 ### Custom Nginx Configuration
 
 If you need to configure Nginx beyond what is possible using environment variables, you can provide custom configuration files on either a proxy-wide or per-`VIRTUAL_HOST` basis.

nginx.tmpl

@@ -288,12 +288,6 @@ upstream {{ $upstream_name }} {
 
 {{ if $is_https }}
 
-{{ $clientCA := trim (or (first (groupByKeys $containers "Env.CLIENT_CA")) (printf "%s.client" $vhostCert)) }}
-{{ $verifyClient := trim (or (first (groupByKeys $containers "Env.VERIFY_CLIENT")) "optional") }}
-{{ $verifyDepth := trim (or (first (groupByKeys $containers "Env.VERIFY_DEPTH")) "2") }}
-
-{{ $is_client_verify := (and (ne $clientCA "") (ne $verifyClient "") (ne $verifyDepth "") (exists (printf "/etc/nginx/certs/%s.pem" $clientCA))) }}
-
 {{ if eq $https_method "redirect" }}
 server {
 	server_name {{ $host }};
@@ -368,12 +362,6 @@ server {
 	add_header Strict-Transport-Security "{{ trim $hsts }}" always;
 	{{ end }}
 
-	{{ if $is_client_verify }}
-	ssl_client_certificate {{ printf "/etc/nginx/certs/%s.pem" $clientCA }};
-	ssl_verify_client {{ (printf "%s" $verifyClient) }};
-	ssl_verify_depth {{ (printf "%s" $verifyDepth) }};
-	{{ end }}
-
 	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
 	include {{ printf "/etc/nginx/vhost.d/%s" $host }};
 	{{ else if (exists "/etc/nginx/vhost.d/default") }}