Replies: 2 comments
-
|
What problem does this solve? What is the purpose of adding a cert to the backend app itself? |
Beta Was this translation helpful? Give feedback.
-
|
I don't know, if it "solves" a general problem. It's a feature request to include mTLS authentication. For general SSL I am using Let's Encrypt via the reverse proxy, which works fine. The client certs are for mTLS authentication, to add another layer of security.
( https://www.cloudflare.com/learning/access-management/what-is-mutual-tls/ ) When using Chrome on android, it prompts and asks to send the client cert (because it was added to the android truststore first manually). The app just shows HTTP resonse code 400. Actually it should be 496, but nginx isn't that accurate in it's response. So it's more like a me-problem, since I want to use it in a Zero Trust environment. It would be nice if you could consider it, like in a "advanced connection settings" submenu or anything - but yes, it's most likely special interest. Anyways, thanks for your time! |
Beta Was this translation helpful? Give feedback.
-
Hey there.
I host audiobookshelf on my linux server, and make it available with SSL through a nginx reverse proxy. This works fine for the website frontend and the app.
For some services, which should be available over the internet, I also request a client certificate. This also works fine for the website frontend, but not for the app. It would be great if you could add a filepicker to provide a client cert (.p12) to the app. Alternatively you could utilize the android truststore, since the cert is already added there on my phone. I have no idea, if android let you do this, but the filepicker would be an idea.
I know there are other ways of doing this, like VPN etc., but I would be very greatful for this feature.
Thanks in advance.
Beta Was this translation helpful? Give feedback.
All reactions