Ben Clouser bclouser
pahud
/ nginx.conf
Last active
February 23, 2023 17:32
ngx-lua validating requests from AWS API Gateway with client certificate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 443 ssl; | |
| server_name gw.pahud.net; | |
| ssl_certificate /opt/openresty/nginx/conf/ssl/chained.crt; | |
| ssl_certificate_key /opt/openresty/nginx/conf/ssl/private-key.pem; | |
| ssl_client_certificate /opt/openresty/nginx/conf/ssl/apigw.crt; | |
| ssl_verify_client optional; | |
| ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; |