Verify client certificate, but ignore expiration date

Gelonida gelonida at gmail.com
Tue Dec 27 12:34:07 UTC 2011


I wanted to know whether I can configure nginx to verify client 
certificates and reject them if invalid.

However I would like to exclude the expiration date from the validation 
step.

The context is rather simple.

I have some embedded devices trying to connect to a server. The client 
certificate for these devices expired and for a certain time I will be 
unable to update them.

Instead of disabling client certificates I would like to 'just' ignore 
the expiration date.

Ideally I'd like to just ignore the expiration date of a few given 
certificates, but in my current setup even ignoring all expiration dates 
would be an option.

Is there any setup allowing this?

Thanks in advance for any suggestion of how to achieve this.





More information about the nginx mailing list