Client Authentication - do not validate client certificate flags, only it's CA...
January 31, 2019 02:24PM

I'm using Nginx with client auth (auth-tls-verify-client: on) and a ca client client list (auth-tls-secret: ca.crt)

Nginx ask my for my client smartcard certificate, I can send the certificate, but then:
400 Bad Request
No required SSL certificate was sent

What's the problem: my smartcard certificate is from "carta nazionale dei servizi" is an italian procedure, and the certificate format in Italy have legal value, but it cannot be validated by Nginx.

All works on Apache, but well, It's not the same :-) :PPP
So if in the future this check could be removed it could be useful for a whole nation :-D

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 86
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready