Welcome! Log In Create A New Profile

Advanced

3:unable to get certificate CRL

Previous Message Next Message
Forum List Message List New Topic Print View
Janet Valbuena
March 12, 2015 12:36PM
Hi Nginx Team

I'm having problems configuring NGINX to use a CRL.

I've created the CRL using OpenSSL 0.9.8e and my Nginx version is 1.4.1.

I'm using a self-signed certificate and an intermediate certificate.

The lines for the SSL in my config are:

server {
> listen 10446 ssl;
>
> ssl_session_cache shared:SSL:10m;
> ssl_session_timeout 10m;
> ssl_prefer_server_ciphers on;
>
> ssl_certificate /etc/nginx/ssl/star_net.crt;
> ssl_certificate_key /etc/nginx/ssl/star_net.key;
>
> ssl_client_certificate /etc/certs/ca-chain.cert.pem;
>
> ssl_crl /etc/certs/crl.cert.pem;
>
> ssl_verify_client on;
> ssl_verify_depth 2;
>
>
If I comment the ssl_crl line, I don't get any errors.

However as soon as I uncomment it I get this error:

...... client SSL certificate verify error: (3:unable to get certificate
> CRL) while reading client request headers, client: ....
>

I can't see what is wrong in my config. Help please.

Thanks very much

Janet
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

3:unable to get certificate CRL

Janet Valbuena March 12, 2015 12:36PM

Re: 3:unable to get certificate CRL

Maxim Dounin March 12, 2015 01:06PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 132
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready