multiple CAs in ssl_client_certificate does not work for me
brunoa
nginx-forum at nginx.us
Thu Apr 3 11:10:30 UTC 2014
Hello,
I've seen from the doc and from this post
(http://forum.nginx.org/read.php?2,229129,229132#msg-229132) that it is
possible to specify multiple CAs in ssl_client_certificate directive.
I have nginx version 1.1.19.
here is my config:
server {
listen 443;
server_name mydomain.com;
root /usr/share/nginx/www;
ssl on;
ssl_certificate /etc/ssl/selfsigned/myssl.crt;
ssl_certificate_key /etc/ssl/selfsigned/myssl.key;
ssl_client_certificate /etc/ssl/ca.pem;
ssl_verify_depth 3;
ssl_verify_client on;
ssl_ciphers ALL:!ADH:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/www;
}
}
The ca.pem file contains 2 certificates:
# cat ca.pem
-----BEGIN CERTIFICATE-----
<content of 1st certificate>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<content of 2nd certificate>
-----END CERTIFICATE-----
#
As far as I can see, the first certificate is checked, but apparently the
2nd isn't.
Any idea how I can troubleshoot that ?
Thanks,
bruno
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,248955,248955#msg-248955
More information about the nginx
mailing list