Welcome! Log In Create A New Profile

Advanced

ssl_client_fingerprint and sha256

Denis Cardon
December 02, 2019 04:56AM
Hi everyone,

this is my first post on this mailing list, so bear with me :-)

Sorry if my question is silly, but I haven't found any way to use a
sha256 fingerprint for client certificate validation in Nginx. Sha1
fingerprints work fine but we are slowly going toward sha256 as hashing
function by default. The ngx_http_ssl_module documentation explicitly
specify only sha1 [1].

I have seen in the Trac that there is a issue open about that [2].
Perhaps there a good reason for not having it currently. I'll be glad to
hear from you all. We are using ssl client auth for WAPT project [3]
which automates Windows workstation software install and update.

Cheers,

Denis

[1] http://nginx.org/en/docs/http/ngx_http_ssl_module.html
[2] https://trac.nginx.org/nginx/ticket/1302
[3] https://doc.wapt.fr

--
Denis Cardon
Tranquil IT
12 avenue Jules Verne (Bat. A)
44230 Saint Sébastien sur Loire (FRANCE)
tel : +33 (0) 240 975 755
http://www.tranquil.it

Tranquil IT recrute! https://www.tranquil.it/nous-rejoindre/
Samba install wiki for Frenchies : https://dev.tranquil.it
WAPT, software deployment made easy : https://wapt.fr
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

ssl_client_fingerprint and sha256

Denis Cardon December 02, 2019 04:56AM

Re: ssl_client_fingerprint and sha256

Maxim Dounin December 02, 2019 09:42AM

Re: ssl_client_fingerprint and sha256

Denis Cardon December 02, 2019 10:46AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 74
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready