Hi, I have my nginx configured with client_certificate authentication:
ssl_client_certificate /etc/nginx/ssl/cas.pem; ssl_verify_client optional; ssl_verify_depth 2; And is working fine, but I need to NOT send the CAs to the client during the handshake. I've seen http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_trusted_certificate in the documentation. So, I've changed it to: ssl_trusted_certificate /etc/nginx/ssl/cas.pem; ssl_verify_depth 2; But now ssl_client_verify is always to NONE, and actually I saw in wireshark that the client is not sending the certificate. What am I doing wrong? Regards. Posted at Nginx Forum: https://forum.nginx.org/read.php?2,284531,284531#msg-284531 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
