On 5 August 2014 02:49, Shobhit Mishra <nginx-forum@nginx.us> wrote:

> However I verified using wireshark that the client is sending the
> certificate , same as the one given in ssl_client_certificate directive.
>

But that's not the certificate that Nginx is expecting, it expects the
client to send a certificate that has been *signed* by the
ssl_client_certificate.

You can use the openssl command line tools to verify that your client's
cert is signed correctly:


openssl verify -verbose -CAfile NewCA_Cert.pem client_to_verify.crt


Cheers,
Nicholas Sherlock
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx