Forum: NGINX Question about ssl CRL

Posted by Alex Samad - Yieldbroker (Guest)
on 2012-10-23 08:26
(Received via mailing list)
Hi

New to nginx, trying to set up an SSL reverse proxy. I have the SSL server 
and client setup working, but when I add in the CRL PEM it fails.


I downloaded the CRL from VeriSign, converted it from DER to PEM format and 
saved it.

When I uncomment
        #ssl_crl /var/www/dev.xyz.com/certs/crl.pem;
my clients fail to connect; I get a 400 error!


Not sure what the issue is?

Thanks
Alex

{code}

server {
    listen       447 ssl;
    server_name  dev.xyz.com;

    ssl                 on;
    ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
    ssl_certificate     /var/www/dev.xyz.com/certs/dev.xyz.com.crt;
    ssl_certificate_key /var/www/dev.xyz.com/certs/dev.xyz.com.key;
    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 10m;

    # 1.3.7
    #ssl_client_certificate /var/www/dev.xyz.com/certs/dev.xyz.com.AcceptableUserCertsCA;
    #ssl_trusted_certificate /var/www/dev.xyz.com/certs/dev.xyz.com.UserCertsCA;

    ssl_client_certificate /var/www/dev.xyz.com/certs/dev.xyz.com.UserCertsCA;
    #ssl_crl /var/www/dev.xyz.com/certs/crl.pem;

    ssl_verify_client on;
    ssl_verify_depth 3;

    access_log  /var/log/nginx/dev.xyz.com.access.log  main;
    error_log  /var/log/nginx/dev.xyz.com.error.log warn;

    location / {
        root   /var/www/dev.xyz.com/wwwroot/;
        index  index.html index.htm;
        autoindex on;
    }
}

{code}