[Feature] configurable **client** certificate

Open pnck opened this issue 2 years ago • 3 comments

Hi, I encountered a problem with the client certificate verifying / authenticating.

When client certs are enabled (typically the Cloudflare mTLS rules), the client must present its private cert (aka .p12/.pfx file) to the server. However, since ChatGPT-Next-Web requests the API base from the backend, it would not carry the valid credentials that should have come from a browser request.

So there should be a configurable option to specify a client certificate so that the mutual verification would work.

I have read the issue list and found that #518 and #3034 may be related, but neither of them mentioned if it's possible to deploy a client certificate for the backend.

My current approach is to allow the server IP as request src_ip, but it's quite inconvenient since I had to hard-code the IP into the rules. So let me ask for a feature to satisfy this scene.

pnck, Jan 27 '24 05:01

Hi, we currently have no plans to support client certificate validation, and we expect to meet the current authentication requirements through the user system in the future.

fred-bf, Feb 01 '24 11:02

@fred-bf You might misunderstand. In this case it's the ChatGPT API Server (typically any API proxy) that requires the client (i.e. the ChatGPT-Next-Web server) to be verified. There is nothing about checking certificates by ChatGPT-Next-Web itself.

I was looking forward to getting the ChatGPT-Next-Web backend to send HTTPS requests with p12/pfx credentials. Any hints are appreciated.

pnck, Feb 01 '24 16:02

@pnck Got it. This is not currently on the mainline feature that we support, but I understand the rationality of this feature, so I'll mark it into the backlog for the time being.

fred-bf, Feb 10 '24 19:02
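
What the request in this thread amounts to on a Node.js backend, as an added example that is not part of the original thread or of the ChatGPT-Next-Web code base: load a .p12/.pfx client identity into an `https.Agent` and attach it only to requests for the mTLS-protected upstream. The environment variable names and the host `api-proxy.example.com` are hypothetical, and the sketch assumes outbound calls go through Node's `https` module.

```javascript
// Added illustration; not ChatGPT-Next-Web code. The environment variable
// names and the upstream host used here are hypothetical.
const fs = require("node:fs");
const https = require("node:https");

// Build an https.Agent carrying a PKCS#12 (.p12/.pfx) client identity.
// Returns null when no client certificate is configured; throws when one is
// configured but unusable, so a broken setup fails at startup rather than
// silently sending unauthenticated requests.
function buildClientCertAgent(env, readFile = fs.readFileSync) {
  const path = env.UPSTREAM_CLIENT_PFX_PATH;
  const b64 = env.UPSTREAM_CLIENT_PFX_BASE64;
  if (!path && !b64) return null;
  if (path && b64) throw new Error("set only one of the PFX path / base64 variables");
  const pfx = path ? readFile(path) : Buffer.from(b64, "base64");
  if (pfx.length === 0) throw new Error("client PFX is empty");
  return new https.Agent({
    pfx,                                            // certificate + private key bundle
    passphrase: env.UPSTREAM_CLIENT_PFX_PASSPHRASE, // undefined if the bundle is unprotected
    keepAlive: true,
  });
}

// Select the client-certificate agent only for HTTPS requests to the
// configured upstream host; every other destination gets Node's default
// agent, so the identity is not available to servers that merely ask for it.
function agentFor(url, upstreamHost, clientAgent) {
  const u = new URL(url);
  const match = u.protocol === "https:" && u.hostname === upstreamHost;
  return clientAgent && match ? clientAgent : undefined;
}

// Usage sketch:
//   const agent = buildClientCertAgent(process.env);
//   https.request(url, { agent: agentFor(url, "api-proxy.example.com", agent) });
```

The PKCS#12 bundle is parsed when the first TLS connection is opened, so a wrong passphrase or corrupt file surfaces as a connection error rather than at agent construction.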