Forum: NGINX OCSP validation of client certificates

2974d09ac2541e892966b762aad84943?d=identicon&s=25 nginx_developer (Guest)
on 2014-01-02 23:04
(Received via mailing list)
Hi Forum,
       I see that nGinx supports configuration to perform OCSP
validation of
server side certificates and staple the validation response to the
client.
My question is whether nGinx supports OCSP validation of client
presented
certificates.

I seem to hit a dead end with documentation for that question. Would be
helpful if someone could answer this.

Thanks in advance for your time.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,245958,245958#msg-245958
A8108a0961c6087c43cda32c8616dcba?d=identicon&s=25 Maxim Dounin (Guest)
on 2014-01-03 04:18
(Received via mailing list)
Hello!

On Thu, Jan 02, 2014 at 05:03:36PM -0500, nginx_developer wrote:

> Hi Forum,
>        I see that nGinx supports configuration to perform OCSP validation of
> server side certificates and staple the validation response to the client.
> My question is whether nGinx supports OCSP validation of client presented
> certificates.
>
> I seem to hit a dead end with documentation for that question. Would be
> helpful if someone could answer this.

No.  Only explicitly loaded CRLs are supported, see
http://nginx.org/r/ssl_crl.

--
Maxim Dounin
http://nginx.org/
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.