Hi guys,
I was wondering if a setting to controll allowed signatures for client certificates would be a valuable addition to nginx's "ngx_http_ssl_module"?
Currently there is no way (or is there?) to restrict client-certifiicates to something like "sha256WithRSAEncryption". The consequence is that you cannot specify to not trust users with certificates that are signed by weak signature algorithms. (Just like modern browser do this with server-certificates that are signed with weak signature algorithms)
Sincerly yours,
d-s-mvg