Open KosShutenko opened 1 year ago
This issue is currently awaiting triage.
If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted
label and provide further guidance.
The triage/accepted
label can be added by org members by writing /triage accepted
in a comment.
/remove-kind bug /kind feature /help
@longwuyuan: This request has been marked as needing help from a contributor.
Please ensure that the issue body includes answers to the following questions:
For more details on the requirements of such an issue, please see here and ensure that they are met.
If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-help
command.
Can you share what your nginx.conf looks like? I'm not sure that $ssl_client_fingerprint is getting used properly.
You can use the kubectl plugin https://kubernetes.github.io/ingress-nginx/kubectl-plugin/#conf
or
kubectl exec $INGRESS_POD -- cat /etc/nginx/nginx.conf
Hello,
Our current nginx.conf looks like: nginx.conf.txt
I've removed part of servers sections, which not related to this test.
I've added proxy_set_header X-SSL-Client-Fingerprint $ssl_client_fingerprint;
for one server only.
This is stale, but we won't close it automatically, just bare in mind the maintainers may be busy with other tasks and will reach your issue ASAP. If you have any question or request to prioritize this, please reach #ingress-nginx-dev
on Kubernetes Slack.
Did you add ssl_verify_client on;
?
What happened:
I am trying to use "$ssl_client_fingerprint" variable in my configuration. I've added annotations for my ingress:
but it doesn't help.
What you expected to happen:
I want to see header X-SSL-Client-Fingerprint with client fingerprint hash.
NGINX Ingress controller version:
Kubernetes version: Server Version: v1.23.14-gke.1800
Also I've tried to use modSecurity with OWASP
I've found relevant issue but without any solution :(
How I can get ssl_client_fingerprint? Thank you for advices.