Hi All, we tried to install an updated module for the SSL fingerprint in Nginx https://github.com/salesforce/ja3 but some modules like https://github.com/phuslu/nginx-ssl-fingerprint aren't compatible with OpenSSL 3. Could you help us if it's possible to configure this fingerprint implementation? Thanks, Marcello _______________________________________________ nginx mailing list nginx@nginx.orgby cello86@gmail.com - Nginx Mailing List - English
Hi Francis, I need to use if to configure some behavior during the ssl client authentication because it's enabled at server block and we need to exclude some locations from the authentication. Marcelloby cello86@gmail.com - Nginx Mailing List - English
Hi Max. In our idea with this configuration all the requests use the sslclient logformat and in case of failure with the certificate the logformat that will be used is sslclientfull. Into the location / we enable the ssl_verify_client to optional and actually we have some if with the variabile $ssl_client_verify to provide a customized message to the users. It seems that the set variable is noby cello86@gmail.com - Nginx Mailing List - English
Hi Maxim, I tried to configure the location with this example: server { access_log logs/access_log sslclient; location / { if ($ssl_client_verify != "SUCCESS") { set $loggingcert 1; } access_log logs/access_log sslclientfull if=$loggingcert; } } I noticed that all the request inherit the first access_loby cello86@gmail.com - Nginx Mailing List - English
Hi All, we tried to add some debug information into our access_log for a service with a client certificate authentication. Actually we print some information related to the clients but we would print into the logs the client certificate sent by the client during the handshake in case of error. We tried to put the generic logformat into the server block and another logformat into the if condition,by cello86@gmail.com - Nginx Mailing List - English