Loading README.md +5 −3 Original line number Diff line number Diff line Loading @@ -62,12 +62,14 @@ cd pwndocimportautomator # MANUAL STEP: Fill in docker.env file (use docker.env.dist as a template) # Setup TLS Client Auth: # Option 1: Keep it disabled. # Setup authentication # Option 1: Keep it disabled (this gives access to audit data to EVERYONE) # touch nginx/trusted_client_certs.pem # Option 2: Set it up. # Option 2: Set up TLS Client Auth # MANUAL STEP: create file nginx/trusted_client_certs.pem and put certificate(s) (CA or individual) there # sed -i 's/ssl_verify_client off;/ssl_verify_client on;/' nginx/nginx.conf # Option 3: Use password based authentication (see file nginx/nginx.conf) # Option 4: Authenticate using another (external) reverse proxy. In that case make sure support for websockets is enabled. docker-compose up --build -d ``` Loading nginx/nginx.conf +2 −0 Original line number Diff line number Diff line Loading @@ -17,6 +17,8 @@ server { ssl_certificate_key /etc/ssl/private/key.pem; ssl_password_file /etc/ssl/private/keys.pass; # It is possible to disable TLS Client cert verification and use password-based one instead. # https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ ssl_verify_client off; # on | off | optional | optional_no_ca; ssl_verify_depth 10; ssl_client_certificate /etc/ssl/certs/trusted_client_certs.pem; Loading Loading
README.md +5 −3 Original line number Diff line number Diff line Loading @@ -62,12 +62,14 @@ cd pwndocimportautomator # MANUAL STEP: Fill in docker.env file (use docker.env.dist as a template) # Setup TLS Client Auth: # Option 1: Keep it disabled. # Setup authentication # Option 1: Keep it disabled (this gives access to audit data to EVERYONE) # touch nginx/trusted_client_certs.pem # Option 2: Set it up. # Option 2: Set up TLS Client Auth # MANUAL STEP: create file nginx/trusted_client_certs.pem and put certificate(s) (CA or individual) there # sed -i 's/ssl_verify_client off;/ssl_verify_client on;/' nginx/nginx.conf # Option 3: Use password based authentication (see file nginx/nginx.conf) # Option 4: Authenticate using another (external) reverse proxy. In that case make sure support for websockets is enabled. docker-compose up --build -d ``` Loading
nginx/nginx.conf +2 −0 Original line number Diff line number Diff line Loading @@ -17,6 +17,8 @@ server { ssl_certificate_key /etc/ssl/private/key.pem; ssl_password_file /etc/ssl/private/keys.pass; # It is possible to disable TLS Client cert verification and use password-based one instead. # https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ ssl_verify_client off; # on | off | optional | optional_no_ca; ssl_verify_depth 10; ssl_client_certificate /etc/ssl/certs/trusted_client_certs.pem; Loading
