Categories

See More
Popular Forum

MBA (4887) B.Tech (1769) Engineering (1486) Class 12 (1030) Study Abroad (1004) Computer Science and Engineering (988) Business Management Studies (865) BBA (846) Diploma (746) CAT (651) B.Com (648) B.Sc (643) JEE Mains (618) Mechanical Engineering (574) Exam (525) India (462) Career (452) All Time Q&A (439) Mass Communication (427) BCA (417) Science (384) Computers & IT (Non-Engg) (383) Medicine & Health Sciences (381) Hotel Management (373) Civil Engineering (353) MCA (349) Tuteehub Top Questions (348) Distance (340) Colleges in India (334)
See More
( 7 months ago )

Nginx force client certification

General Tech QA/Testing
Max. 2000 characters
Replies

usr_profile.png
Ekta Singhania

User

( 7 months ago )

I want to force client SSL certification in nginx server. I created the certificates. I added this into nginx configuration:

    ssl_client_certificate /CA/certs/cacert.pem;
    ssl_crl /CA/crl/ca.crl;
    ssl_verify_client on;
    ssl_verify_depth 2;

It is working in browsers, if certificate is not present, the error is "400 Bad Request No required SSL certificate was sent". But when I issue the command

curl https://example.com

I do not get the error about clent certificates, it returns the page.

I also added:

if ($ssl_client_verify != SUCCESS) {
   return 403;
}

but it seems like $ssl_client_verify is SUCCESS although there is no client certificate.

what's your interest


forum_ban8_5d8c5fd7cf6f7.gif