Maxim Dounin
February 27, 2018 10:34AM
Hello!

On Tue, Feb 27, 2018 at 09:30:24AM -0500, monah1983 wrote:

> Добрый день!
> Есть проблема.
> Есть vps с vestacp. На ней несколько доменов.
> На одном из них включил ssl через Lets Encrypt.
> Также включен - Поддержка ProxyNGINX
> Создал сертификат CA, подписал и отдал пользователю сертификат.
> При заходе на сайт, требует сертификат, его выбираю, и потом ошибка 400 Bad
> RequestThe SSL certificate error
> вот мой конфиг
> server {
> listen *****:443;
> server_name ***.tk www.***.tk;
> ssl on;
> ssl_certificate /home/admin/conf/web/ssl.***.tk.pem; - тут
> сертификаты Lets Encrypt
> ssl_certificate_key /home/admin/conf/web/ssl.***.tk.key; тут
> сертификаты Lets Encrypt
> ssl_client_certificate /etc/ssl/***.tk/ca.crt; - тут мой
> ssl_verify_client on;
> ssl_ciphers
> ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AES:!ECDH+3DES:!DH+3DES:!RSA+3DES:!aNULL:!MD5:!DSS;
> ssl_verify_depth 1;
> keepalive_timeout 70;
> fastcgi_param SSL_VERIFIED $ssl_client_verify;
> fastcgi_param SSL_CLIENT_SERIAL $ssl_client_serial;
> fastcgi_param SSL_CLIENT_CERT $ssl_client_cert;
> fastcgi_param SSL_DN $ssl_client_s_dn;
> error_log /var/log/httpd/domains/****.tk.error.log error;

[...]

> В чем может быть дело?

В случае ошибок проверки сертификата - подробности логгируются в
error log на уровне info.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
Subject Author Posted

400 Bad RequestThe SSL certificate error

monah1983 February 27, 2018 09:30AM

Re: 400 Bad RequestThe SSL certificate error

Maxim Dounin February 27, 2018 10:34AM

Re: 400 Bad RequestThe SSL certificate error

monah1983 February 27, 2018 10:50AM

Re: 400 Bad RequestThe SSL certificate error

monah1983 February 27, 2018 10:51AM

Re: 400 Bad RequestThe SSL certificate error

monah1983 February 27, 2018 11:17AM

Re: 400 Bad RequestThe SSL certificate error

Maxim Dounin February 27, 2018 12:42PM

Re: 400 Bad RequestThe SSL certificate error

Maxim Dounin February 27, 2018 12:54PM

Re: 400 Bad RequestThe SSL certificate error

monah1983 February 27, 2018 01:09PM

Re: 400 Bad RequestThe SSL certificate error

Maxim Dounin February 27, 2018 01:04PM

Re: 400 Bad RequestThe SSL certificate error

monah1983 February 27, 2018 01:49PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 119
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready