SSL client certificate

[Omar Lopez Limonta]

Hi ,
I´m trying to use SSL client authentication, and always i´m getting
400 certificate error.

My nginx version is 0.5.26 running on Ubuntu

I have this config on my nginx:

    ssl                  on;
    ssl_certificate      /etc/ssl/certificados/server.crt;
    ssl_certificate_key  /etc/ssl/privado/server.key;
    ssl_client_certificate /etc/ssl/CA/cacert.pem; #this is my CA main
certificate
    ssl_verify_client on;
    ssl_verify_depth 2;

Also I create a PKCS12 certificate for my clients using my own CA

But i´m getting 400 error when i install my pkcs12 on the client browser.

Anyone has detailed information about config SSL client Authentication
with nginx?
Can anyone help me with this problem

How do you make your Certificates?

I´m doing this to make my own certificates:

---To the Server Certificate---

openssl genrsa -des3 -out myssl.key 1024
openssl req -new -key myssl.key -out myssl.csr
openssl rsa -in myssl.key -out myssl.key
openssl x509 -req -days 365 -in myssl.csr -signkey myssl.key -out myssl.crt

---To Client Certificate---

openssl req -new -nodes -out name-req.pem -keyout privado/name-key.pem
-days 365 -config ./openssl.cnf
openssl ca -out name-cert.pem -days 365 -config ./openssl.cnf -infiles
name-req.pem
openssl pkcs12 -export -in name-cert.pem -inkey privado/name-key.pem
-certfile cacert.pem -name "USUARIOXXX" -out name-cert.p12


Thanks to all :D

-- 
Xgalaga se disfruta más sobre NetBSD sparc64

Content Rules:

 /////
 \\\///
 ///\\\ The Duke of Url.
 { O--O }
 / /\ \
 \ -- /
 [||]