SSL client certificate

Omar Lopez Limonta at
Wed Mar 19 14:24:34 MSK 2008

Hi ,
I´m trying to use SSL client authentication, and always i´m getting
400 certificate error.

My nginx version is 0.5.26 running on Ubuntu

I have this config on my nginx:

    ssl                  on;
    ssl_certificate      /etc/ssl/certificados/server.crt;
    ssl_certificate_key  /etc/ssl/privado/server.key;
    ssl_client_certificate /etc/ssl/CA/cacert.pem; #this is my CA main
    ssl_verify_client on;
    ssl_verify_depth 2;

Also I create a PKCS12 certificate for my clients using my own CA

But i´m getting 400 error when i install my pkcs12 on the client browser.

Anyone has detailed information about config SSL client Authentication
with nginx?
Can anyone help me with this problem

How do you make your Certificates?

I´m doing this to make my own certificates:

---To the Server Certificate---

openssl genrsa -des3 -out myssl.key 1024
openssl req -new -key myssl.key -out myssl.csr
openssl rsa -in myssl.key -out myssl.key
openssl x509 -req -days 365 -in myssl.csr -signkey myssl.key -out myssl.crt

---To Client Certificate---

openssl req -new -nodes -out name-req.pem -keyout privado/name-key.pem
-days 365 -config ./openssl.cnf
openssl ca -out name-cert.pem -days 365 -config ./openssl.cnf -infiles
openssl pkcs12 -export -in name-cert.pem -inkey privado/name-key.pem
-certfile cacert.pem -name "USUARIOXXX" -out name-cert.p12

Thanks to all :D

Xgalaga se disfruta más sobre NetBSD sparc64

Content Rules:

 ///\\\ The Duke of Url.
 { O--O }
 / /\ \
 \ -- /

More information about the nginx mailing list