On Dec 4, 2016, at 11:03 AM, Reinis Rozitis wrote:
> In case of https I don't even think it makes sense to provide any certificates (even self-signed).
> Without those the connection will/should be just terminated because of peer not providing any certificates and self-signed certs shouldn't be validated (otherways there is a major flaw) by clients/crawlers either.
I prefer a self-signed (or other somewhat valid) cert because it lets me test the configuration easier (ie, it's broken in the correct way), and most automated monitoring services can be configured to accept it to test a "pass".
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx