SSL root certificates

Igor Clark igor at pokelondon.com
Mon Mar 17 16:23:06 MSK 2008


Hi Thomas, sorry, perhaps I should have been clearer, this is just for  
the authority's root CA file.

Anyway it's fixed with Igor's help now, but thanks for your reply.

Cheers,
Igor

On 17 Mar 2008, at 12:45, Thomas wrote:

> Instead of using ssl_certificate_client, shouldn't you be using
> ssl_certificate directive?
>
> I don't have a Verisign certificate, so I can't tell if it works or  
> not.
>
> On Mon, Mar 17, 2008 at 1:34 PM, Igor Clark <igor at pokelondon.com>  
> wrote:
>> Hi there
>>
>> One of our clients has insisted on using Verisign SSL certificates.
>>
>> According to https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657
>>  I need to install the Verisign Root CA.
>>
>> I thought I needed to add this to nginx config using
>> ssl_client_certificate but I've tried a variety of their CA certs in
>> ssl_client_certificate but I still get "This cert was signed by an
>> untrusted authority".
>>
>> I see from this mailing list message:
>>
>> On 6 Sep 2007, at 15:37, Igor Sysoev wrote:
>>
>>> ssl_client_certificate is usualy your own ceritificate, that you use
>>> to sign some certificates and give them to clients. Client should
>>> import these certificates into their browsers.
>>
>>
>> so perhaps this isn't right.
>>
>> Does anybody have experience using Verisign certs with nginx?
>> How can I add the custom Verisign root CA?
>>
>> Thanks very much,
>> Igor
>>
>> --
>> Igor Clark // POKE // 10 Redchurch Street // E2 7DD // +44 (0)20 7749
>> 5355 // www.pokelondon.com
>>
>>
>>
>>
>>
>>
>

--
Igor Clark // POKE // 10 Redchurch Street // E2 7DD // +44 (0)20 7749  
5355 // www.pokelondon.com









More information about the nginx mailing list