Skip to content

Support for client TLS certificate in tcpsock:sslhandshake #534

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
smira opened this issue Jul 10, 2015 · 6 comments
Open

Support for client TLS certificate in tcpsock:sslhandshake #534

smira opened this issue Jul 10, 2015 · 6 comments

Comments

@smira
Copy link

smira commented Jul 10, 2015

There's already an option to validate server TLS certificate using lua_ssl_trusted_certificate.

It would be nice if we could provide client TLS certificate, in the same way as ngx_http_proxy module is doing: http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_certificate, so that there would be two new options:

  • lua_ssl_certificate
  • lua_ssl_certificate_key

These options would initialise nginx ssl context with client certificates, which would be used during ssl handshake.
@agentzh
Copy link
Member

agentzh commented Jul 11, 2015

@smira Yes, this has been on my TODO list. But would you mind contributing a patch for it? ;)

Thanks!

@rohitjoshi
Copy link

Any patch available?

@rainingmaster rainingmaster mentioned this issue May 5, 2017
Closed
dndx added a commit to dndx/lua-nginx-module that referenced this issue Sep 14, 2019
@dndx
feature: TCP cosocket client certificate support. closes openresty#534
f6ba1df
dndx added a commit to dndx/lua-nginx-module that referenced this issue Sep 19, 2019
@dndx
feature: TCP cosocket client certificate support. closes openresty#534
c2f2087
dndx added a commit to dndx/lua-nginx-module that referenced this issue Oct 24, 2019
@dndx
feature: TCP cosocket client certificate support. closes openresty#534
60dfb15
dndx added a commit to dndx/lua-nginx-module that referenced this issue Dec 6, 2019
@dndx
feature: TCP cosocket client certificate support. closes openresty#534
489bcce
thibaultcha pushed a commit to thibaultcha/lua-nginx-module that referenced this issue Jul 6, 2020
@dndx @thibaultcha
feature: TCP cosocket client certificate support. closes openresty#534
10bfa00
dndx added a commit to dndx/lua-nginx-module that referenced this issue Nov 24, 2020
@dndx
feature: TCP cosocket client certificate support. closes openresty#534
8d22be2
dndx added a commit to dndx/lua-nginx-module that referenced this issue Jan 21, 2022
@dndx
feature: TCP cosocket client certificate support. closes openresty#534
e81c5f0
dndx added a commit to dndx/lua-nginx-module that referenced this issue Jan 28, 2022
@dndx
feature: TCP cosocket client certificate support. closes openresty#534
78a450d
@Lekensteyn
Copy link

This appears to be fixed since March 2022 via commit 2b90265 (PR #1602). There is a new tcpsock:setclientcert API.

@Bec-k
Copy link

Bec-k commented Sep 6, 2022

I don't see and can't find setclientcert anywhere...

@Bec-k
Copy link

Bec-k commented Sep 6, 2022

It was not merged...

@zhuizhuhaomeng
Copy link
Contributor

https://github.com/openresty/lua-nginx-module#tcpsocksetclientcert
It has been merged. But do not contain in the openresty-1.21.4 Release

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@smira @agentzh @Lekensteyn @rohitjoshi @zhuizhuhaomeng @Bec-k