ChatGPTNextWeb/NextChat

[Feature] configurable **client** certificate

Open

#3935 aperta il 27 gen 2024

Vedi su GitHub
 (3 commenti) (0 reazioni) (0 assegnatari)TypeScript (59.717 fork)batch import
backloghelp wanted

Metriche repository

Star
 (87.992 star)
Metriche merge PR
 (Nessuna PR mergiata in 30 g)

Descrizione

Hi, I encountered a problem with the client certificate verifying / authenticating.

When enabled client certs (typically the Cloudflare mTLS rules), the client must present its private cert (aka .p12/.pfx file) to the server. However since ChatGPT-Next-Web requests the API base from the backend, it would not carry the valid credentials that should have come from a browser request.

So there should be a configurable option to specify a client certificate so that the mutual verification would work.

I have read the issue list and found that #518 #3034 may be related, but both of them didn't mention if it's possible to deploy a client certificate for the backend.

My current approach is to allow the server IP as request src_ip, but it's quite inconvenient since I had to hard code the IP into the rules. So let me ask for a feature to satisfy this scene.

Guida contributor