Can I install and configure nginx to use a “public”/global CA’s SSL
Certificate like Verisign, AND force (require) the use of client SSL
certificates, AND allow those client/browser-certificates to be from a
different CA/root? For example, openca or some self-signed setup that I
use to just distribute client certificates to my registered users?
Let me know if I am not asking the question correctly.
I didn’t double-check yet, but it looks like if I set this up, and the
client does not have a client-side certificate, nginx is returning
either a 400 (or more likely a 403)? Is there any way I can be entirely
“rude” and re-map the return code if you do not have a client
certificate to 444?
On Thu, Oct 11, 2012 at 11:35:16AM -0400, AJ Weber wrote:
I didn’t double-check yet, but it looks like if I set this up, and
the client does not have a client-side certificate, nginx is
returning either a 400 (or more likely a 403)? Is there any way I
can be entirely “rude” and re-map the return code if you do not have
a client certificate to 444?