Yep I think thats what i was asking. We have a home grown RP at work that does it and IIS used to do it, apply cert requirements on part of the tree.
On 2 February 2016 at 20:56, Aleksandar Lazic <al-ng...@none.at> wrote: > Dear Alex. > > Am 02-02-2016 04:32, schrieb Alex Samad: >> >> Hi >> >> Is it possible with nginx to do this >> >> https://www.abc.com >> / >> /noclientcert/ >> /clientcert/ >> >> >> so you can get to / with no client cert, but /clientcert/ you need a >> cert, but for /noclientcert/ you don't need a cert. >> >> Looks like from the config doco you can only set it for the whole tree ... > > > I would try to use this directives > > http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_verify_client > http://nginx.org/en/docs/http/ngx_http_map_module.html > > and in a map make something like this. > > map $ssl_client_cert $clientcert { > default ""; > "~.*CLIENT_CERT_CHECK" clientcert; > } > > and > > location $clientcert { > } > > location no$clientcert { > } > > is this possible ;-)? > > BR Aleks _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
