Forum: NGINX OCSP validation of client certificates

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
2974d09ac2541e892966b762aad84943?d=identicon&s=25 nginx_developer (Guest)
on 2014-01-02 23:04
(Received via mailing list)
Hi Forum,
       I see that nGinx supports configuration to perform OCSP
validation of
server side certificates and staple the validation response to the
client.
My question is whether nGinx supports OCSP validation of client
presented
certificates.

I seem to hit a dead end with documentation for that question. Would be
helpful if someone could answer this.

Thanks in advance for your time.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,245958,245958#msg-245958
A8108a0961c6087c43cda32c8616dcba?d=identicon&s=25 Maxim Dounin (Guest)
on 2014-01-03 04:18
(Received via mailing list)
Hello!

On Thu, Jan 02, 2014 at 05:03:36PM -0500, nginx_developer wrote:

> Hi Forum,
>        I see that nGinx supports configuration to perform OCSP validation of
> server side certificates and staple the validation response to the client.
> My question is whether nGinx supports OCSP validation of client presented
> certificates.
>
> I seem to hit a dead end with documentation for that question. Would be
> helpful if someone could answer this.

No.  Only explicitly loaded CRLs are supported, see
http://nginx.org/r/ssl_crl.

--
Maxim Dounin
http://nginx.org/
This topic is locked and can not be replied to.