setup mTLS proxy server #776
Comments
|
Do you need a callback to work out which cert to set, or are you setting the cert unconditionally? |
|
Yes, I need to set user auth certificate unconditionally. This cert will be shown to mTLS proxy with every request through proxy. |
|
Place the identity cert and any intermediate certs at |
|
Sorry, I forget to mention - all clients is iOS devices (iPhones, iPads). Fatal error: TLSConfiguration.certificateChain is not supported. You can still use this configuration option on macOS if you initialize HTTPClient with a MultiThreadedEventLoopGroup. Please note that using MultiThreadedEventLoopGroup will make AsyncHTTPClient use NIO on BSD Sockets and not Network.framework (which is the preferred platform networking stack). |
|
Ah yes, this is a current limitation of async-http-client. You'll need to follow the instructions in that message, to use |
Thanks for giving right direction, I will try to use MultiThreadedEventLoopGroup today and post result here. |
and others
We have a mTLS proxy server in DMZ, and client applications with auth certificate can send requests to private network through it. Currently I using iOS 17.0+ api:
ProxyConfiguration.init(
httpCONNECTProxy: NWEndpoint,
tlsOptions: NWProtocolTLS.Options? = nil
)
sec_protocol_challenge_t is called then proxy asks auth certificate and all proccess is working.
How to setup TLSConfiguration for certificate auth with mTLS proxy ?
The text was updated successfully, but these errors were encountered: