Can I use ssl_verify_client without a prompt

chrismcv nginx-forum at
Wed Jun 4 11:15:17 UTC 2014

I'm using ssl_client_certificate, I want to set "proxy_set_header X-Cert-DN
$ssl_client_s_dn;" when I proxy.  
I've ssl_verify_client set to optional - this all works great, but in the
browser, the user gets a cert prompt.  Is there a way I can avoid the cert
prompt - so the header will get set if a cert is supplied, but otherwise it
won't prompt the user? (So curl -e cert.crt https://mysite should get the
cert header, but a browser shouldn't know about it).


Posted at Nginx Forum:,250627,250627#msg-250627

More information about the nginx mailing list