docusignapi - Mutual TLS for webhook, using nginx

Question

I'm using DocuSign's eSignature API. Rails app, server is nginx. I'm trying to get Mutual TLS working, with no luck so far. I used the instructions here.

I'm currently in DocuSign's sandbox - is there any reason Mutual TLS wouldn't work in the sandbox? I'm not seeing $ssl_client_fingerprint or $ssl_client_s_dn in my access_log.

Edit: I'm not getting any errors from nginx. Webhooks are working, I just don't see the client fingerprint, or $ssl_client_s_dn in my nginx logs. My lone question is: does mutual TLS with nginx work when webhook POSTs come from DocuSign's sandbox?

Edit 2: I figured out my issue. The nginx configuration was fine. I didn't have verify_ssl_host set to true when creating the DocuSign API client.

    configuration = DocuSign_eSign::Configuration.new
    configuration.host = base_path
    configuration.verify_ssl_host = true # I was missing this
    api_client = DocuSign_eSign::ApiClient.new(configuration)

question from:https://stackoverflow.com/questions/65929417/mutual-tls-for-webhook-using-nginx

Answer 1

Mutual TLS can work in the Developer Environment (also known as "Sandbox" or demo).

https://www.docusign.com/blog/dsdev-mutual-tls-stuff-know has more information about it.

If you need help with that - please provide more information about your issue.