Add documentation for how to use Client-Side Certificate Authentication
This commit is contained in:
Nobody84
GitHub
parent
6b6466cdbe
commit
14142ad84c
1 changed files with 33 additions and 17 deletions
16
README.md
16
README.md
|
|
@ -312,6 +312,22 @@ $ docker run -d -p 80:80 -p 443:443 \
|
||||||
|
|
||||||
You'll need apache2-utils on the machine where you plan to create the htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
|
You'll need apache2-utils on the machine where you plan to create the htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html)
|
||||||
|
|
||||||
|
### Client-Side Certificate Authentication
|
||||||
|
#### Certificate Authority (CA)
|
||||||
|
In order to secure your virtual host, you have to copy your CA certificate file (ca.crt) named as its equivalent VIRTUAL_HOST variable on directory
|
||||||
|
/etc/nginx/ca/$VIRTUAL_HOST.crt
|
||||||
|
|
||||||
|
#### Certificate Revocation List (CLR)
|
||||||
|
In oder to use a certificate revocation list, you have to copy your .clr file named as its equivalent VIRTUAL_HOST variable on the same directory /etc/nginx/ca/$VIRTUAL_HOST.clr
|
||||||
|
|
||||||
|
```
|
||||||
|
$ docker run -d -p 80:80 -p 443:443 \
|
||||||
|
-v /path/to/ca:/etc/nginx/ca \
|
||||||
|
-v /path/to/certs:/etc/nginx/certs \
|
||||||
|
-v /var/run/docker.sock:/tmp/docker.sock:ro \
|
||||||
|
jwilder/nginx-proxy
|
||||||
|
```
|
||||||
|
|
||||||
### Custom Nginx Configuration
|
### Custom Nginx Configuration
|
||||||
|
|
||||||
If you need to configure Nginx beyond what is possible using environment variables, you can provide custom configuration files on either a proxy-wide or per-`VIRTUAL_HOST` basis.
|
If you need to configure Nginx beyond what is possible using environment variables, you can provide custom configuration files on either a proxy-wide or per-`VIRTUAL_HOST` basis.
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue