I'm using kubernetes/ingress-nginx. Task is to extract CN field from client's certificate using nginx ingress. I was searching for a while and found a solution:
map $ssl_client_s_dn $ssl_client_s_dn_cn {
default "";
~CN=(?<CN>[^/,\"]+) $CN;
}
But I can't adapt this code for nginx ingress.That's what I currently have and it doesn't work.
nginx.ingress.kubernetes.io/http-snippets: |
map $ssl_client_s_dn $ssl_client_s_dn_cn {
default "";
~CN=(?<CN>[^/,\"]+) $CN;
}
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Remote-User $ssl_client_s_dn_cn;Probably someone faced with it and know how to adjust this properly, as I'm out of ideas.
If you know more elegant way to do it please share you knowledge here.
Thanks in advance.
I found a solution,hope it may help someone:
nginx.ingress.kubernetes.io/http-snippet: |
map $ssl_client_s_dn $ssl_client_s_dn_cn {
default "";
~CN=(?<CN>[^/,\"]+) $CN;
};
nginx.ingress.kubernetes.io/location-snippet: |
proxy_set_header REMOTE-USER $ssl_client_s_dn_cn;