SSL client verification context

Igor Sysoev igor at
Thu Feb 10 16:20:51 MSK 2011

On Feb 10, 2011, at 10:36 , Matthias-Christian Ott wrote:

> Hi,
> at the moment it is only possible to set variables for SSL client
> verification in the http oder server context. I would be useful to have
> them at least in location, so that one could verify the certificate
> according to the requested directory. Would this be possible?

These are not variables, but directives.
You may try

server {
   ssl_verify_client   optional;

   location /dir/ {
       if ($ssl_client_verify != SUCCESS) {
           return 403;

Igor Sysoev

More information about the nginx-devel mailing list