Client certificates and check for DN?
rainer at ultra-secure.de
rainer at ultra-secure.de
Wed Feb 28 13:39:23 UTC 2018
Hi,
it seems most examples, even for apache, seem to assume that the client
certificates are issued by your own CA.
In this case, you just need to check if your certificates were issued by
this CA - and if they're not, it's game over.
However, I may have a case where the CA is a public CA and the client
certificates need to be verified down to the correct O and OU.
How do you do this with nginx?
Something along these lines:
https://www.tbs-certificates.co.uk/FAQ/en/183.html
Best Regards
Rainer
More information about the nginx
mailing list