January 06, 2012 10:12PM
I need to specify a CA file to "ssl_client_certificate" directive. This crt is generated by openssl x509 command with "-trustout" parameter, so starts with "----BEGIN TRUSTED CERTIFICATE-----", rather than common "-----BEGIN CERTIFICATE-----".

Nginx will report error:
PEM routines:PEM_read_bio:no start line

Internally, nginx uses openssl's API "SSL_load_client_CA_file()" to load the cert and report this error.

So it's a bug, expected or I mis-configure somewhere?


Thanks.
Subject Author Posted

How to load a TRUSTED Client CA

speedfirst January 06, 2012 10:12PM

Re: How to load a TRUSTED Client CA

Maxim Dounin January 07, 2012 06:12PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 96
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready