diff --git a/.gitignore b/.gitignore
index 8e612bc3a7..872ad615d9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -58,3 +58,5 @@ images/fastcgi-helloserver/rootfs/fastcgi-helloserver
 cmd/plugin/release/ingress-nginx.yaml
 cmd/plugin/release/*.tar.gz
 cmd/plugin/release/LICENSE
+
+dist/
\ No newline at end of file
diff --git a/CHANGELOG.md b/CHANGELOG.md
index dba0765b77..32c443766f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +1,11 @@
 # Changelog
-## 1.5.1-0.5.0 (2023-07-04)
+## 1.5.1-0.5.1 (upcoming)
+
+* [EOS-12641] Client certificate auth is broken in ingress-nginx-controller
+
+## 1.5.1-0.5.0 (2023-07-04)
 * Build the stratio ingress-nginx-controller with the community controller:1.5.1 as a base
 * Fix vault retrieve secret recode
diff --git a/internal/ingress/annotations/authtls/main.go b/internal/ingress/annotations/authtls/main.go
index c006cecd5d..21fdf699dd 100644
--- a/internal/ingress/annotations/authtls/main.go
+++ b/internal/ingress/annotations/authtls/main.go
@@ -24,6 +24,7 @@ import (
 "regexp"
 "k8s.io/ingress-nginx/internal/ingress/annotations/parser"
+ "k8s.io/ingress-nginx/internal/ingress/errors"
 ing_errors "k8s.io/ingress-nginx/internal/ingress/errors"
 "k8s.io/ingress-nginx/internal/ingress/resolver"
 "k8s.io/ingress-nginx/internal/k8s"
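Review bot: The added import `"k8s.io/ingress-nginx/internal/ingress/errors"` brings in the same package that the following line already imports as `ing_errors`, so the file now refers to one package under two names. The unaliased form also occupies the name of the standard library `errors` package in this file. Dropping the new import and writing `ing_errors.IsMissingAnnotations(err)` in `Parse` keeps a single alias and avoids the duplicate-import warning that linters such as staticcheck raise.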
@@ -95,28 +96,27 @@ func (a authTLS) Parse(ing *networking.Ingress) (interface{}, error) { config := &Config{} tlsauthsecret, err := parser.GetStringAnnotation("auth-tls-vault", ing) - if err != nil { - return &Config{}, err + if err != nil && !errors.IsMissingAnnotations(err) { + return config, err } - // If there is no secret in vault check for K8s secret if tlsauthsecret == "" { - tlsauthsecret, err := parser.GetStringAnnotation("auth-tls-secret", ing) + tlsauthsecret, err = parser.GetStringAnnotation("auth-tls-secret", ing) if err != nil { - return &Config{}, err + return config, err } secretInVault = false _, _, err = k8s.ParseNameNS(tlsauthsecret) if err != nil { - return &Config{}, ing_errors.NewLocationDenied(err.Error()) + return config, ing_errors.NewLocationDenied(err.Error()) } } authCert, err := a.r.GetAuthCertificate(tlsauthsecret, secretInVault) if err != nil { e := fmt.Errorf("error obtaining certificate: %w", err) - return &Config{}, ing_errors.LocationDenied{Reason: e} + return config, ing_errors.LocationDenied{Reason: e} } config.AuthSSLCert = *authCert diff --git a/rootfs/Dockerfile.stratio b/rootfs/Dockerfile.stratio index 8780610454..eb93b2497b 100644 --- a/rootfs/Dockerfile.stratio +++ b/rootfs/Dockerfile.stratio 
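Review bot: The `auth-tls-vault` annotation value reaches `a.r.GetAuthCertificate(tlsauthsecret, secretInVault)` unvalidated, while the Kubernetes-secret branch at least runs `k8s.ParseNameNS` on its value. The annotation is set by whoever can create an Ingress, so unless the resolver (not visible here) confines lookups, an Ingress in one namespace can name any Vault path the controller is able to read. Before the `GetAuthCertificate` call, return `ing_errors.NewLocationDenied(...)` for a vault path that is not under the prefix permitted for `ing.Namespace`. `secretInVault` is declared above the hunk and `Parse` continues below it, so its initial value and the later use of `authCert` need to be confirmed there.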
@@ -24,14 +24,15 @@ RUN apk update \
 && apk add make --repository=https://dl-cdn.alpinelinux.org/alpine/v3.14/main \
 diffutils make unzip \
 && apk upgrade libxml2 \
+ && apk add wget \
 && rm -rf /var/cache/apk/*
 # JWT manipulation dependencies
 ENV LUAROCKS_VERSION 3.8.0
-ENV LUAROCKS_SHA ab6612ca9ab87c6984871d2712d05525775e8b50172701a0a1cabddf76de2be7
+ENV LUAROCKS_SHA 56ab9b90f5acbc42eb7a94cf482e6c058a63e8a1effdf572b8b2a6323a06d923
 RUN wget -O /tmp/luarocks.tgz \
- https://github.com/luarocks/luarocks/archive/v${LUAROCKS_VERSION}.tar.gz \
+ https://luarocks.github.io/luarocks/releases/luarocks-${LUAROCKS_VERSION}.tar.gz \
 && echo "${LUAROCKS_SHA} */tmp/luarocks.tgz" | sha256sum -c - \
 && tar -C /tmp -xzf /tmp/luarocks.tgz \
 && cd /tmp/luarocks* \
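Review bot: `&& apk add wget` installs a download client into the image and nothing visible removes it, so if this stage is the runtime image the controller ships with a tool it needs only at build time. Installing it as a removable group, `&& apk add --no-cache --virtual .fetch-deps wget \`, and running `apk del .fetch-deps` once the LuaRocks build has finished keeps it out of the final filesystem. The `RUN wget` command continues past the end of the hunk, so a later cleanup may already exist. Since the download host and `LUAROCKS_SHA` change together, the new digest should be confirmed against an independently obtained copy of the release tarball before merging.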