Load balance SSL backend server with client authentication

[sbrakl]

I am using Interlock 1.13 with Docker 1.11 and Swarm 1.2.5

I am trying to load balance tomcat server which serve as ESB in my application.

They listen on port 8443, and require HTTPS with client certificate authentication.

Now, I need to inject client certificate which would be used in proxy section of Nginx

backend {
    server some-ip:8443;
}

server {
    listen 80;
    location / {
        proxy_ssl_certificate        certs/client.crt;
        proxy_ssl_certificate_key    certs/client.key;

        proxy_pass https://backend;
    }
}

I studied the Interlock configuration section, but couldn't find options which could do this.

I am already using following options

• interlock.hostname=test
• interlock.domain=local
• interlock.ssl=true
• interlock.ssl_only=true
• interlock.ssl_cert=test.local.crt
• interlock.ssl_cert_key=test.local.key
• interlock.ssl_backend=true

But couldn't find options for proxy_ssl_cert, and proxy_ssl_cert_key

How can I achieve this, if I want to use Interlock with Nginx?

[ehazlett]

Right now backend proxy ssl is not supported.

[sbrakl]

I was able to set client auth certificate using nginx Template. Just for reference, here out how I did it
https://sbrakl.wordpress.com/2017/01/09/client-auth-with-interlock-and-nginx/

Thanks for the help!

[ehazlett]

Thanks!