SSL Authentication: $ssl_client_verify
Maxim Dounin
mdounin at mdounin.ru
Fri May 16 11:04:35 UTC 2014
Hello!
On Fri, May 16, 2014 at 12:37:44AM -0400, Dustin Oprea wrote:
> I have the following server configuration for client-authentication:
>
> ssl on;
> ssl_certificate /.../certificate.pem;
> ssl_certificate_key /.../private.pem;
>
> ssl_client_certificate /.../ca_cert.pem;
> ssl_verify_client on;
> ssl_verify_depth 1;
>
> It looks like I get a "Bad Request" (400) when I use a certificate signed
> by a different CA. So, what's the point of the ssl_client_verify variable?
>
> From Nginx's SSL module documentation (
> http://nginx.org/en/docs/http/ngx_http_ssl_module.html):
>
> $ssl_client_verify
>
> returns the result of client certificate verification: “SUCCESS”,
> “FAILED”, and “NONE” if a certificate was not present;
Answer was already given to your previous message 4 days ago, see
here:
http://mailman.nginx.org/pipermail/nginx/2014-May/043552.html
--
Maxim Dounin
http://nginx.org/
More information about the nginx
mailing list