Client certificates and check for DN?

rainer at ultra-secure.de rainer at ultra-secure.de
Wed Feb 28 13:39:23 UTC 2018


Hi,

it seems most examples, even for apache, seem to assume that the client 
certificates are issued by your own CA.
In this case, you just need to check if your certificates were issued by 
this CA - and if they're not, it's game over.


However, I may have a case where the CA is a public CA and the client 
certificates need to be verified down to the correct O and OU.

How do you do this with nginx?

Something along these lines:

https://www.tbs-certificates.co.uk/FAQ/en/183.html


Best Regards
Rainer


More information about the nginx mailing list