|
|
|
|
|
|
by jazzyjackson
521 days ago
|
|
|
After coming across a brief tutorial of mTLS in this tool for locking down access to my family photo sharing [0] I have bounced around the internet following various guides but haven't ended up with a pfx file that I can install in a browser. Can you recommend any resource to understand which keys sign what, and what a client certificate is verified against? The guides I find often contain the openssl incantations with little explanation so I feel a bit like stumbling through the dark. I realize how much I've taken stacktraces for granted when this auth stuff is very "do or do not, there is no error" [0] https://github.com/alangrainger/immich-public-proxy/blob/mai... |
|
|
Alternatively, this guide focuses on Apache2 configuration but also goes through the certs https://www.openlogic.com/blog/mutual-authentication-using-a... (it’s a little dated though)
Here’s also something a bit more recent for Nginx https://darshit.dev/posts/two-way-ssl-nginx/