Client Certificate OCSP validate
Frank Liu
gfrankliu at gmail.com
Sat Apr 13 07:43:15 UTC 2019
https://trac.nginx.org/nginx/ticket/1534
> On Apr 13, 2019, at 12:16 AM, itplayer <nginx-forum at forum.nginx.org> wrote:
>
> Hi,
> I'm wondering that if NGINX currently(I use 1.14.1) support client
> certificate OCSP validation?
> The use case is when client try to login our web application, NGINX sit in
> front of the application as reverse-proxy, does NGINX can verify the client
> cert to make sure the client cert doesn't revoked by authority?
>
> If yes, my configuration below is correct?
>
> ssl_stapling on;
> resolver 8.8.8.8;
> ssl_stapling_responder http://10.10.10.10:2560;
> ssl_stapling_verify on;
> ssl_trusted_certificate /etc/nginx/test/ca_chains.pem;
>
>
> Thanks in advanced.
>
> Posted at Nginx Forum: https://forum.nginx.org/read.php?2,283763,283763#msg-283763
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20190413/f9d5ef6a/attachment.html>
More information about the nginx
mailing list