SSL Client Authentication

I have the following server configuration for client-authentication:

ssl on;
ssl_certificate     /.../deploy_api_certificate.pem;
ssl_certificate_key /.../deploy_api_private.pem;

ssl_client_certificate /.../ca_cert.pem;
ssl_verify_client on;
ssl_verify_depth 1;

It looks like I get a “Bad Request” (400) when I use a certificate
signed
by a different CA. So, what’s the point of the ssl_client_verify
variable?

Dustin

Hello!

On Mon, May 12, 2014 at 10:41:47AM -0400, Dustin Oprea wrote:

It looks like I get a “Bad Request” (400) when I use a certificate signed
by a different CA. So, what’s the point of the ssl_client_verify variable?

It’s mostly useful with “ssl_verify_client optional”, see
http://nginx.org/r/ssl_verify_client for details.


Maxim D.
http://nginx.org/

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs