How to read all client chain certificates from fastcgi request.
nginx-forum at nginx.us
Thu May 9 09:01:17 UTC 2013
I configured my nginx with openssl as below:
ssl_certificate <Combined Server certificate and Root CA
ssl_certificate_key <Server Key>
ssl_client_certificate <Root CA certificate>
>From client code I am sending client certificate as bellow
RootCA -> IntermediateCA -> Client
By using curl :
curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
curl_easy_setopt(curl,CURLOPT_SSLCERT,"ClientCom.crt"); // This file
having three certificates
curl_easy_setopt(curl, CURLOPT_KEYPASSWD, pPassphrase);
curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM");
My Server Code: As soon as nginx server gets any request from client, below
call would be triggered from my Server as below.
ReadTLSSessionData (FCGX_Request *request)
Here I am receiving only one certificate from these environmental variables.
But, I want to read all three certificates which client sending in PEM
format. Then I have to verify the extensions.
What is the environmental variable which gives all certificates from
Below is my fastcgi.conf file:
fastcgi_param SSL_CLIENT_CERT $ssl_client_cert;
fastcgi_param SSL_CLIENT_RAW_CERT $ssl_client_raw_cert;
fastcgi_param SSL_CLIENT_S_DN $ssl_client_s_dn;
fastcgi_param SSL_CLIENT_I_DN $ssl_client_i_dn;
fastcgi_param SSL_CLIENT_SERIAL $ssl_client_serial;
Can anybody help me in this aspect!!!
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,239048,239048#msg-239048
More information about the nginx