Welcome! Log In Create A New Profile

Advanced

issues w/ client certificates from a self-signed CA

Michael Barrett
August 09, 2012 12:36AM
Hi, I'm trying to get client certificate authentication going using client certificates signed by a self-signed certificate authority created with openssl. After getting a bunch of '400 The SSL certificate error' errors I put nginx in debug mode and saw the following:

2012/08/08 23:22:14 [info] 27556#0: *1 client SSL certificate verify error: (18:self signed certificate) while reading client request headers, client: 50.18.140.88, server: _, request: "GET /blah/ HTTP/1.1", host: "example.com:8080"

I see that error 18 when I try to verify the client cert with the CA cert via openssl as well, but the verify still returns an 'OK' so it seems like it's more of a warning. Would that lead to the 400 error that my client is seeing? If so, is there anyway to get nginx to accept certificates signed by a self-signed CA?

I'm running nginx 1.1.19 on Ubuntu 12.04. Let me know if there's any other info you might need - thanks!

--
Michael Barrett
loki77@gmail.com




_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

issues w/ client certificates from a self-signed CA

Michael Barrett August 09, 2012 12:36AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 162
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready