Hello, No, it's not 2 SSL certs tied to the same IP. I have one SSL certificate installed, and one server certificate to verify clients (the "ssl_verify_client on" instruction). To connect to the public part of the website, no client certificate are required, but to view some specials pages, a client certificate is mandatory. With Apache, you can for the root location indicate tby eloril - Ideas and Feature Requests
Hello, I have tried the solution proposed by Igor Sysoev : http://forum.nginx.org/read.php?29,173747 Despite the fact it can be a little tricky with php-fpm, I did it. After a phase of testing, I applied it on a production server... but some times it doesn't work at all and the website is totally anavailable ! When you set ssl_verify_client optional; and do something like thatby eloril - Ideas and Feature Requests
I understand it is somehow difficult... But it can be very useful. Sometimes you don't have the choice to create another domain or make the check at application level. In fact I don't have the choice, but I have to protect the admin directory... As far as I understand, client and server do a renegotiation regularly, when the session cache expires... Then the server can perform a secure reneby eloril - Ideas and Feature Requests
Hello, I have a website with both frontend and backend in ssl. The frontend is allowed for everybody. But I wish the backend be allowed only with a valid client certificate. It's url is something like that : https://www.my_website.com/admin I'm trying the following config : location /admin/ { ## Allow admins only to view admin page ssl_verify_client on; ssl_verify_depth 1;by eloril - Ideas and Feature Requests
Hello, With Chrome developper's tool, i have found that the pages are compressed. I don't understand why ab shows us the original content size when I use NginX, and the deflated content size with apache. Regards, Elorilby eloril - How to...
Hello, I'm new to NgniX. I'm trying to configure NgniX 1.0.5 with SSL & Gzip support (for Magento). in my server configuration I have added : # HTTPS server server { listen 443 default; ssl on; ssl_certificate ssl.crt/wildcard.crt; ssl_certificate_key ssl.key/wildcard.key; ssl_session_timeout 10m; ssl_protocols SSLv2 SSby eloril - How to...