400 bad request with ssl_verify_client optional

Sergey Kandaurov pluknet at nginx.com
Thu Jun 28 10:06:17 UTC 2018

> On 28 Jun 2018, at 03:25, Danomi Czaski <djczaski at gmail.com> wrote:
> I get 400 bad request when client certs are used early even though I
> have ssl_verify_client optional.
> nginx: [info] 9612#0: *338 client SSL certificate verify error:
> (9:certificate is not yet valid) while reading client request headers,
> Is there anyway to ignore the time check?

No way, but you may want to try “optional_no_ca” if it’s also not trusted.

Sergey Kandaurov

More information about the nginx mailing list