On Wed, May 25, 2011 at 05:15:18AM -0400, urschrei wrote:
> Igor,
> yes, it's a client SSL cert.
You should have a CA certificate which is used to sign client certificates.
This ceritificate should be declared on server level:
server {
listen 443;
ssl on;
...
ssl_client_certificate ca-cert.pem;
ssl_verify_client on;
--
Igor Sysoev