mdounin at mdounin.ru
Wed Apr 26 14:14:23 UTC 2017
On Wed, Apr 26, 2017 at 07:15:13AM +1000, Alex Samad wrote:
> On 26 April 2017 at 00:32, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > *) Change: SSL renegotiation is now allowed on backend connections.
> What does this mean ?
> reason I am asking is I would like to setup a site say example.com, that is
> SSL, with no need for client certs at root URI
> but I would like to force a reneg at say /private/<...>
> is that possible ..(I know its not backend, my hope is that if the code is
> there for the backend, then it might be available at the front end as well)
No, it is not possible to client certificates only for some URIs
in nginx, and unlikely will be possible in the foreseeable future.
This is implemented by some other servers though, and in the past
there were several reports about interoperability problems with
such servers when nginx talked to them via proxy_pass. For
additional details see http://hg.nginx.org/nginx/rev/ac9b1df5b246.
More information about the nginx