Verify Peer of SSL request in Proxy Module
W. Andrew Loe III
andrew at andrewloe.com
Mon Sep 12 23:58:17 UTC 2011
When reverse proxying over SSL, I would like to be able to set the
context to VERIFY_PEER and to provide my own CA file. Right now nginx
uses the OpenSSL default of VERIFY_NONE.
There appears to be some code around this in
ngx_ssl_client_certificate in ngx_event_openssl.c, but this is for
validating client certificates, not nginx acting as a client.
I am working on a patch, but if Igor or someone more experienced
already has this working, I would prefer to use that.
More information about the nginx