You need to configure client cert auth as being required on the front end server, and then enable certificate-forwarding on the back end server. The front end will encode the certificate into a header, which will be decoded by the back end server.


On Wed, Feb 14, 2018 at 9:15 AM, paroczizs . <> wrote:
Hi UndertowDev,

Is it possible to configure 2 way ssl with reverse proxy in wildfly standalone.xml?
The schema and the realm set properly in case of 1 way ssl works fine however when the back end requests for the client cert the wildfly does not sent it:

22:12:41,187 INFO  [stdout] (default task-2) *** CertificateRequest


22:12:41,213 INFO  [stdout] (default task-2) Warning: no suitable certificate found - continuing without client authentication


realm looks like this:

<security-realm name="PserverRealm">



            <keystore path="/home/config/pserver.jks" keystore-password="123456" alias="pserver" key-password="123456"/>




        <truststore path="/home/config/pserver.jks" keystore-password="123456"/>



Another question whether is basic authentication possible from the configuration?

Thank you in advance, Zsolt

Mentes a vírusoktól.

undertow-dev mailing list