nginx reverse proxy: with/without client cert on different path/location (same host/FQDN)

Arjan Filius
August 05, 2011 03:56AM
Hello nginx list,

running version 0.8.54-4 9 (ubuntu 11.04)

Tried to configure nginx as reverse proxy for a wish to have client cert
authentication on a specific url-path, but I failed.

The wish is to have:
https://hostA/pathA -> no client cert -> upstreamA
https://hostA/pathB -> client cert required -> upstreamB

I tried to configure nginx in one server definition with multiple locations,
with "ssl_client_certificate off;" in one location and
"ssl_client_certificate on;" in the other location, but got an error:
011/08/05 07:54:56 [emerg] 5376#0: "ssl_client_certificate" directive is
not allowed here in ....(file/line number)

Another way I tried is to have 2 identical server definitions, except for
the location and ssl_client_certificate on/off; but then I got the
(more or less expected) error twice:
2011/08/05 07:58:43 [warn] 5392#0: conflicting server name
"<FQDN>" on <IP>:443, ignored

My question:

Is what I'm trying to configure possible?

Another question, related to this: I'd like to give the email from the
client certificate to the backend (in an HTTP header variable), but found
only one way close to what I want, and that is to give the complete certificate
($ssl_client_cert) to upstream, but that way eats much of the 4000 bytes
max HTTP header space.
Is there a way to set just the email from the client cert?

Thanks in advance,

--
Arjan Filius
mailto:iafilius@xs4all.nl

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
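
An added example, not part of the original post: one way to get the behaviour asked for is to request the client certificate for the whole server with `ssl_verify_client optional;` (the directive is only valid at http/server level, and `ssl_client_certificate` takes a CA file path rather than on/off) and to enforce the result per location via `$ssl_client_verify`. The upstream addresses, file paths and `X-SSL-Client-*` header names are assumptions; `$ssl_client_s_dn` carries the subject DN, which contains the email only if the certificate's subject includes one.

```nginx
# Added example. Backend addresses, file paths and header names are placeholders.
upstream upstreamA { server 127.0.0.1:8081; }
upstream upstreamB { server 127.0.0.1:8082; }

server {
    listen       443 ssl;
    server_name  hostA;

    ssl_certificate         /etc/nginx/ssl/hostA.crt;
    ssl_certificate_key     /etc/nginx/ssl/hostA.key;

    # CA bundle that client certificates are verified against.
    ssl_client_certificate  /etc/nginx/ssl/client-ca.crt;

    # Ask for a client certificate in the handshake, but do not require one.
    # The decision to require it is made per location below.
    ssl_verify_client       optional;

    location /pathA {
        # No client certificate needed here. Drop any identity headers the
        # client sent itself (an empty value means "do not pass this header").
        proxy_set_header  X-SSL-Client-Verify  "";
        proxy_set_header  X-SSL-Client-S-DN    "";
        proxy_pass        http://upstreamA;
    }

    location /pathB {
        # $ssl_client_verify is SUCCESS only when a certificate was presented
        # and verified against the CA bundle; NONE means no certificate.
        if ($ssl_client_verify != SUCCESS) {
            return 403;
        }

        # Pass only the subject DN instead of the whole PEM certificate
        # ($ssl_client_cert), which keeps the header small. These overwrite
        # any same-named headers supplied by the client.
        proxy_set_header  X-SSL-Client-Verify  $ssl_client_verify;
        proxy_set_header  X-SSL-Client-S-DN    $ssl_client_s_dn;
        proxy_pass        http://upstreamB;
    }
}
```

The backend should accept the `X-SSL-Client-*` headers only from the proxy's address, since anything that can reach it directly can set them freely.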