SSL client Authentication

Nicholas Sherlock n.sherlock at
Sun Aug 10 23:42:45 UTC 2014

On 5 August 2014 02:49, Shobhit Mishra <nginx-forum at> wrote:

> However I verified using wireshark that the client is sending the
> certificate , same as the one given in ssl_client_certificate directive.

But that's not the certificate that Nginx is expecting, it expects the
client to send a certificate that has been *signed* by the

You can use the openssl command line tools to verify that your client's
cert is signed correctly:

openssl verify -verbose -CAfile NewCA_Cert.pem client_to_verify.crt

Nicholas Sherlock
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list