allow to switch off disabled renegotiation proxy to SSL client certificate protected backends
|Reported by:||Owned by:|
|uname -a:||Linux nebo 3.13.0-71-generic #114-Ubuntu SMP Tue Dec 1 02:35:20 UTC 2015 i686 i686 i686 GNU/Linux|
|nginx -V:||nginx version: nginx/1.8.0|
describes the scenario. A backend SSL Client Certificate secured server needs renegotiation.
Nginx fails 1.8.x fails badly on this with my Ubuntu 14.04.3 LTS
after having successfully solved the riddle in http://serverfault.com/questions/622855/nginx-proxy-to-back-end-with-ssl-client-certificate-authentication/746816#746816
The workaround to reconfigure the backend Apache Server is more than ugly. The worst part is the major effort needed to find out this problem in the first place - at lease nginx should mention that it actively forced the problem. curl/wget/openssl all run with no problem just nginx behaves this badly.