Maxim Dounin mdounin at
Wed Apr 26 14:14:23 UTC 2017


On Wed, Apr 26, 2017 at 07:15:13AM +1000, Alex Samad wrote:

> On 26 April 2017 at 00:32, Maxim Dounin <mdounin at> wrote:
> >
> >     *) Change: SSL renegotiation is now allowed on backend connections.
> >
> What does this mean ?
> reason I am asking is I would like to setup a site say, that is
> SSL, with no need for client certs at root URI
> but I would like to force a reneg at say /private/<...>
> is that possible ..(I know its not backend, my hope is that if the code is
> there for the backend, then it might be available at the front end as well)

No, it is not possible to client certificates only for some URIs 
in nginx, and unlikely will be possible in the foreseeable future.  
This is implemented by some other servers though, and in the past 
there were several reports about interoperability problems with 
such servers when nginx talked to them via proxy_pass.  For 
additional details see

Maxim Dounin

More information about the nginx mailing list