Validate Client certificate SDN fields (CN, OU, O, etc..) at Nginx

sandeepkolla99 nginx-forum at nginx.us
Wed Nov 26 16:24:45 UTC 2014


Hi Francis,
  Thanks for your quickest response. 

 My nginx.cong is like this:

        ssl_certificate server.pem;
        ssl_certificate_key server.key;
        ssl_client_certificate ca.pem;
        ssl_verify_client on; 

I'm able to verify client certificate successfully. Now, additionally I want
perform the following three validations on client certificate 

I want to check if
1.  subject distinguished "OU" value of client certificate is some
"myOU"(its just an example string),
2.  subject distinguished "O" value of client certificate is some "myO"(its
just an example string),                                                    
                   
3.  subject distinguished "CN" value of client certificate is "myCN" (its
just an example string). 

I'm trying to find the nginx configuration statements to implement these
validations. Please let me know if I need to elaborate this further.

Regards,
Sandeep

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,255115,255156#msg-255156



More information about the nginx mailing list