nginx - Two App with different SSL Public Key Pinning how to

Question

I need collective input from StackOverFlow on how to solve the current issue i'm currently facing.

I've two application that request handshake to two different waf.

App A SSL pinning pointed to SSL A ( Version 1 )
App B SSL pinning pointed to SSL B ( Version 2 )

We've this force-update feature for the mobile application. When we upload Version 2 app to production, the Version 1 app unable to work because it's expecting SSL A to reach the server. But the server is now only accepting SSL B for SSL handshake.

So now i'm having difficulty to force update the Version 1 to Version 2 because the force-update API is failing at SSL handshake.

I was thinking adding NGINX or HAPROXY holding two cert ( SSL A + SSL B ) then redirect them to origin that is offloading/hosting the SSL cert , in this case could be a firewall or WAF.

So i was thinking is there any software or cloud services can do the redirection based on SSL or HTTP parameter in the box "2 Cert LB"

I've been reading some stackoverflow solution, but i'm still having issue implementing it.

Nginx if statement on ssl certificates
https://serverfault.com/questions/837541/ssl-offloading-for-multiple-domains-multiple-certs-on-haproxy

Some helpful advice or info is highly appreciated. Thanks in advance.

question from:https://stackoverflow.com/questions/65919782/two-app-with-different-ssl-public-key-pinning-how-to

Answer 1

Waitting for answers