When reverse proxying over SSL, I would like to be able to set the
context to VERIFY_PEER and to provide my own CA file. Right now nginx
uses the OpenSSL default of VERIFY_NONE.
There appears to be some code around this in
ngx_ssl_client_certificate in ngx_event_openssl.c, but this is for
validating client certificates, not nginx acting as a client.
I am working on a patch, but if Igor or someone more experienced
already has this working, I would prefer to use that.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx