$ssl_client_verify not working?
Ramon_Ali
nginx-forum at forum.nginx.org
Wed Apr 13 00:01:57 UTC 2016
Hi, i was wanting to return a 403 when invalid client certificate submitted,
however Nginx 1.9.6 returning 400 Bad Request, The SSL Certificate Error.
Seems to return 403 fine when no certificate is submitted, but any clues on
getting it to return a 403 work when invalid (signed by unauthorised CA)
certificate submitted.
Nginx server block -
server {
listen 443 ssl;
server_name server.com;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
ssl_client_certificate /etc/nginx/client_ca.crt;
ssl_verify_client optional;
ssl_verify_depth 2;
if ($ssl_client_verify != SUCCESS ) {
return 403;
}
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,266136,266136#msg-266136
More information about the nginx
mailing list