Hi, i was wanting to return a 403 when invalid client certificate submitted, however Nginx 1.9.6 returning 400 Bad Request, The SSL Certificate Error. Seems to return 403 fine when no certificate is submitted, but any clues on getting it to return a 403 work when invalid (signed by unauthorised CA) certificate submitted.
Nginx server block -
server {
listen 443 ssl;
server_name server.com;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
ssl_client_certificate /etc/nginx/client_ca.crt;
ssl_verify_client optional;
ssl_verify_depth 2;
if ($ssl_client_verify != SUCCESS ) {
return 403;
}