Nginx ssl_trusted_certificate directive problem
niegus
nginx-forum at forum.nginx.org
Fri Jun 14 10:09:22 UTC 2019
Hi,
I have my nginx configured with client_certificate authentication:
ssl_client_certificate /etc/nginx/ssl/cas.pem;
ssl_verify_client optional;
ssl_verify_depth 2;
And is working fine, but I need to NOT send the CAs to the client during the
handshake.
I've seen
http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_trusted_certificate
in the documentation. So, I've changed it to:
ssl_trusted_certificate /etc/nginx/ssl/cas.pem;
ssl_verify_depth 2;
But now ssl_client_verify is always to NONE, and actually I saw in wireshark
that the client is not sending the certificate.
What am I doing wrong?
Regards.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,284531,284531#msg-284531
More information about the nginx
mailing list