Welcome! Log In Create A New Profile

Advanced

Re: SSL Client Authentication

Maxim Dounin
May 12, 2014 01:30PM
Hello!

On Mon, May 12, 2014 at 10:41:47AM -0400, Dustin Oprea wrote:

> I have the following *server* configuration for client-authentication:
>
> ssl on;
> ssl_certificate /.../deploy_api_certificate.pem;
> ssl_certificate_key /.../deploy_api_private.pem;
>
> ssl_client_certificate /.../ca_cert.pem;
> ssl_verify_client on;
> ssl_verify_depth 1;
>
>
> It looks like I get a "Bad Request" (400) when I use a certificate signed
> by a different CA. So, what's the point of the *ssl_client_verify* variable?

It's mostly useful with "ssl_verify_client optional", see
http://nginx.org/r/ssl_verify_client for details.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

SSL Client Authentication

Dustin Oprea May 12, 2014 10:44AM

Re: SSL Client Authentication

Maxim Dounin May 12, 2014 01:30PM

Re: SSL client Authentication

Nicholas Sherlock August 10, 2014 07:44PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 142
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready