Welcome! Log In Create A New Profile


mTLS | how to with self-signed cert for client and ssl Certificate Request with empty CA by server

Posted by tlabs 

I work on a project that provides an mTLS scenario,
but the clients need to use self-signed certificate during the handshake phase.

It is a scenario expected by oauth2 / openID.

I need to instruct nginx so that the SSL Certificate Request message contains the list of supported CAs as empty.

The ssl protocol provides this option that allows clients to submit a self-signed certificate and not a certificate imposed by the CA supported by the server.

Could you explain to me how I can achieve this scenario?

I thank you for the support
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 72
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready