Client Certificate OCSP validate

itplayer nginx-forum at
Sat Apr 13 07:16:47 UTC 2019

I'm wondering that if NGINX currently(I use 1.14.1) support client
certificate OCSP validation?
The use case is when client try to login our web application, NGINX sit in
front of the application as reverse-proxy, does NGINX can verify the client
cert to make sure the client cert doesn't revoked by authority?

If yes, my configuration below is correct?

        ssl_stapling            on;
        resolver      ;
        ssl_stapling_verify     on;
        ssl_trusted_certificate /etc/nginx/test/ca_chains.pem;

Thanks in advanced.

Posted at Nginx Forum:,283763,283763#msg-283763

More information about the nginx mailing list