server {
listen [::]:443 ssl ipv6only=on;
listen 443 ssl; #porta externa
server_name _; #dominio para essa regra
ssl_certificate /opt/cert/cert.pem;
ssl_certificate_key /opt/cert/key.pem;
ssl_client_certificate /opt/cert/chain-pix-sandbox.crt;
ssl_verify_client optional;
ssl_verify_depth 3;
location / {
if ($ssl_client_verify != SUCCESS) {
return 403;
}
proxy_pass "http://localhost:2446";
}
}
listen [::]:443 ssl ipv6only=on;
listen 443 ssl; #porta externa
server_name _; #dominio para essa regra
ssl_certificate /opt/cert/cert.pem;
ssl_certificate_key /opt/cert/key.pem;
ssl_client_certificate /opt/cert/chain-pix-sandbox.crt;
ssl_verify_client optional;
ssl_verify_depth 3;
location / {
if ($ssl_client_verify != SUCCESS) {
return 403;
}
proxy_pass "http://localhost:2446";
}
}