SSL client Authentication
Nicholas Sherlock
n.sherlock at gmail.com
Sun Aug 10 23:42:45 UTC 2014
On 5 August 2014 02:49, Shobhit Mishra <nginx-forum at nginx.us> wrote:
> However I verified using wireshark that the client is sending the
> certificate , same as the one given in ssl_client_certificate directive.
>
But that's not the certificate that Nginx is expecting, it expects the
client to send a certificate that has been *signed* by the
ssl_client_certificate.
You can use the openssl command line tools to verify that your client's
cert is signed correctly:
openssl verify -verbose -CAfile NewCA_Cert.pem client_to_verify.crt
Cheers,
Nicholas Sherlock
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140811/2c5ed4ee/attachment.html>
More information about the nginx
mailing list