-- Leo's gemini proxy
-- Connecting to bbs.geminispace.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini; charset=utf-8
if you reverse proxy a TLS connection to another TLS connection, the upstream server cannot verify the client cert, only the proxy can. Passing additional paramters like the cert hash could work, but gemini directly does not
2023-08-30 · 9 months ago
Well, my idea of the proxy is to terminate TLS there, like you would terminate HTTPS requests for API ingress. Depending of the hosted content, the apps behind the proxy should know as little as possible about what's going on in front of the proxy.
yes, HTTPS would not work with client certs either, you have to add some metadata to the internal request. someone suggested using the PROXYv2 protocol. (I have to say that I have not tried anything yet, so I mostly guessing how it would work)
Bliz server side scripting for Gemini. — found this today. looks interesting.
-- Response ended
-- Page fetched on Sun Jun 2 18:59:49 2024