SSL module feature request.
hshh
hunreal at gmail.com
Thu Sep 4 06:25:44 MSD 2008
Hi,
I am about to use SSL module of Nginx. By compared with apache2
mod_ssl, its option ``SSLVerifyClient'', allow used in server config,
virtual host, directory. In Nginx, ``ssl_verify_client'' only allow
main and server sector. Apache SSLVerifyClient also support 4 levels
to verify client certificate, ``none, optional, require,
optional_no_ca''. The ``optional'' level is very usable, I hope Nginx
can support. And also support ``ssl_verify_client'' in directory
sector.
By the way, there is another question about SSL module.
I created one Root CA Certificate, one Intermediate CA Certificate (
Signed by Root CA. So it's chain certificate, isn't it? ). Then I
create one server certificate and one user certificate signed by
Intermediate CA, server certificate is used for Nginx SSL.
>From Nginx english wiki/document, ``cat chain.crt >> mysite.com.crt'',
I found that, I havn't done it, but Nginx SSL work fine.
And I must define ssl_client_certificate to use Root CA Certificate to
verify client ( also set ssl_verify_depth to 2) , I can't use
Intermediate CA to verify client, is it true?
Regards.
More information about the nginx
mailing list