failure to limit access to a secure area with self-signed client SSL cert fingerprint match
PGNet Dev
pgnet.dev at gmail.com
Tue Mar 21 23:02:23 UTC 2023
> What does the error_log say about this request and response?
nothing that's giving me a hint i recognize,
...
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 header: "cache-control: no-cache"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 encoded string, len:2
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 encoded string, len:6
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 table add: "te: trailers"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 table account: 42 free:2775
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 header: "te: trailers"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 request line: "GET / HTTP/2.0"
2023/03/21 18:52:14 [info] 4955#4955: *7 client SSL certificate verify error: certificate status request failed while reading client request headers, client: 2401::...::1, server: example.com, request: "GET / HTTP/2.0", host: "example.com"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http finalize request: 495, "/?" a:1, c:1
2023/03/21 18:52:14 [debug] 4955#4955: *7 http special response: 495, "/?"
2023/03/21 18:52:14 [debug] 4955#4955: *7 headers more header filter, uri "/"
2023/03/21 18:52:14 [debug] 4955#4955: *7 xslt filter header
2023/03/21 18:52:14 [debug] 4955#4955: *7 charset: "" > "utf-8"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 header filter
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 push resources
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 table size update: 0
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: ":status: 400"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "date: Tue, 21 Mar 2023 22:52:14 GMT"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "content-type: text/html; charset=utf-8"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "content-length: 208"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "secure: Server"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "x-robots-tag: noindex, nofollow, nosnippet, noarchive"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "x-download-options: noopen"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "x-permitted-cross-domain-policies: none"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "permissions-policy: interest-cohort=()"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "x-xss-protection: 1; mode=block"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "strict-transport-security: max-age=63072000; includeSubDomains; preload"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "x-frame-options: SAMEORIGIN"
2023/03/21 18:52:14 [debug] 4955#4955: *7 http2 output header: "referrer-policy: strict-origin-when-cross-origin"
...
More information about the nginx
mailing list