Hmm no reaction to this question so far.
Does this mean it is impossible:

On 12/27/2011 01:34 PM, Gelonida wrote:
> I wanted to know whether I can configure nginx to verify client
> certificates and reject them if invalid.
>
> However I would like to exclude the expiration date from the validation
> step.
>
> The context is rather simple.
>
> I have some embedded devices trying to connect to a server. The client
> certificates for some of these devices will expire before
> they will be returned for maintenance
> Instead of disabling client certificates globally I would like to 'just' ignore
> the expiration date of a selected list of devices
>
> Ideally I'd like to just ignore the expiration date of a few given
> certificates, but in my current setup even ignoring all expiration dates
> would be an option untill all devices were updated with new certificats
>
> Is there any setup allowing this?

Alternatively I'd be willing to change the C source of nginx if this
would help me to solve above mentioned issue.

Thanks for any pointers and suggestions.

P.S. I know, that the 'real' answer would be to just avoid above
situation and renew certificates prior to their expiration. However this
is unfortunately not possible for the already deployed devices.




_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx