I was wondering if caching whitelisted certificates' thumbprints somewhere and then verifying against this per request would work? One approach could be storing these thumprints in Memcached and querying using Lua? Or is there a more straightforward/efficient approach?by paddy3883 - Nginx Mailing List - English
I'm currently working on POC for my company which is looking to use NGINX to validate API Requests using Client Side Certificates. Presently we have it setup so we are self signing/generating these certificates on the local machine and are able to use these successfully in our tests. We are also able to use the revocation list to disable generated certificates. Moving forward it is possible weby paddy3883 - Nginx Mailing List - English