SSL Client Authentication

Dustin Oprea myselfasunder at
Mon May 12 14:41:47 UTC 2014

I have the following *server* configuration for client-authentication:

    ssl on;
    ssl_certificate     /.../deploy_api_certificate.pem;
    ssl_certificate_key /.../deploy_api_private.pem;

    ssl_client_certificate /.../ca_cert.pem;
    ssl_verify_client on;
    ssl_verify_depth 1;

It looks like I get a "Bad Request" (400) when I use a certificate signed
by a different CA. So, what's the point of the *ssl_client_verify* variable?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list