ChatGPTNextWeb/NextChat

[Feature] configurable **client** certificate

Open

#3 935 ouverte le 27 janv. 2024

Voir sur GitHub
 (3 commentaires) (0 réactions) (0 assignés)TypeScript (59 717 forks)batch import
backloghelp wanted

Métriques du dépôt

Stars
 (87 992 stars)
Métriques de merge PR
 (Aucune PR mergée en 30 j)

Description

Hi, I encountered a problem with the client certificate verifying / authenticating.

When enabled client certs (typically the Cloudflare mTLS rules), the client must present its private cert (aka .p12/.pfx file) to the server. However since ChatGPT-Next-Web requests the API base from the backend, it would not carry the valid credentials that should have come from a browser request.

So there should be a configurable option to specify a client certificate so that the mutual verification would work.

I have read the issue list and found that #518 #3034 may be related, but both of them didn't mention if it's possible to deploy a client certificate for the backend.

My current approach is to allow the server IP as request src_ip, but it's quite inconvenient since I had to hard code the IP into the rules. So let me ask for a feature to satisfy this scene.

Guide contributeur