SSL Client Certificate Validation

dhallam nginx-forum at
Tue Mar 27 12:37:11 UTC 2018


I'm running nginx version: nginx/1.11.5 (nginx-plus-r11). I am trying to
connect a tcp client (with client cert) over SSL to nginx, where the SSL
will be validated and terminated, and then onto the upsteam server in the

I have the following configuration:

stream {
	upstream upstream_servers {
	    server localhost:80;

	server {
	    listen ssl;

	    ssl_certificate /etc/nginx/ssl/server.crt;
	    ssl_certificate_key /etc/nginx/ssl/server.key;
	    ssl_client_certificate /etc/nginx/ssl/client.crt;
	    ssl_verify_client on;

	    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
	    ssl_verify_depth 2;

	    proxy_pass  upstream_servers;

However, I get a '2018/03/27 12:14:35 [emerg] 18325#18325:
"ssl_client_certificate" directive is not allowed here in
/etc/nginx/conf.d/my-listener.conf:11' error when I try to start the

According to,
this seems to be a valid configuration directive. 

Would anyone be able to help identify what it is that I am missing?

Many thanks,


Posted at Nginx Forum:,279204,279204#msg-279204

More information about the nginx mailing list