On Wed, Oct 03, 2012 at 12:55:15PM -0400, Eric O'Connor wrote:
> Great!
>
> Here is a short [English] documentation patch to match. Unfortunately,
> I do not speak Russian. Извините.

Here's the cleaned up version:

%%%
Index: ngx_http_ssl_module.xml
===================================================================
--- ngx_http_ssl_module.xml (revision 712)
+++ ngx_http_ssl_module.xml (working copy)
@@ -10,7 +10,7 @@
<module name="Module ngx_http_ssl_module"
link="/en/docs/http/ngx_http_ssl_module.html"
lang="en"
- rev="2">
+ rev="3">

<section id="summary">

@@ -481,7 +481,7 @@
<directive name="ssl_verify_client">
<syntax>
<literal>on</literal> | <literal>off</literal> |
- <literal>optional</literal></syntax>
+ <literal>optional</literal> | <literal>optional_no_ca</literal></syntax>
<default>off</default>
<context>http</context>
<context>server</context>
@@ -490,6 +490,12 @@
Enables the client certificate verification.
The <literal>optional</literal> parameter (0.8.7+) requests the client
certificate and verifies it if it was present.
+The <literal>optional_no_ca</literal> parameter (1.3.7) requests the client
+certificate but performs no certificate chain verification.
+This is intended to be used with a
+<link doc="ngx_http_proxy_module.xml" id="proxy_set_header"/> directive
+to pass the <var>$ssl_client_cert</var> variable to a server that performs
+verification.
The result of verification is stored in the
<var>$ssl_client_verify</var> variable.
</para>
%%%

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel