issues w/ client certificates from a self-signed CA
Michael Barrett
loki77 at gmail.com
Thu Aug 9 04:35:37 UTC 2012
Hi, I'm trying to get client certificate authentication going using client certificates signed by a self-signed certificate authority created with openssl. After getting a bunch of '400 The SSL certificate error' errors I put nginx in debug mode and saw the following:
2012/08/08 23:22:14 [info] 27556#0: *1 client SSL certificate verify error: (18:self signed certificate) while reading client request headers, client: 50.18.140.88, server: _, request: "GET /blah/ HTTP/1.1", host: "example.com:8080"
I see that error 18 when I try to verify the client cert with the CA cert via openssl as well, but the verify still returns an 'OK' so it seems like it's more of a warning. Would that lead to the 400 error that my client is seeing? If so, is there anyway to get nginx to accept certificates signed by a self-signed CA?
I'm running nginx 1.1.19 on Ubuntu 12.04. Let me know if there's any other info you might need - thanks!
--
Michael Barrett
loki77 at gmail.com
More information about the nginx
mailing list