blob: 4cab734074d688f60009cf00028d3b978489e2e6 [file] [log] [blame]
server {
listen 2443 default ssl;
ssl_protocols TLSv1.2;
{{ if .Values.global.aafEnabled }}
ssl_certificate {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_pem}};
ssl_certificate_key {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_key}};
{{ else }}
ssl_certificate /etc/ssl/clamp.pem;
ssl_certificate_key /etc/ssl/clamp.key;
{{ end }}
ssl_verify_client optional_no_ca;
location /restservices/clds/ {
proxy_pass https://policy-clamp-be:8443;
proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
}
location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}