Related
Joe White Nginx ssl_client_certificateand ssl_trusted_certificatedirectives can be used to allow client certificates signed by a given authority. But how to allow specific certificates? I want to filter by certificate thumbprint or by certificate authority + c
Jonathan Nagin I'm trying to setup NGINX to perform client authentication for multiple clients. My problem is that those clients will have different certificates, basically different root CAs: [clientA.crt] ClientA > IntermediateA > RootA
[clientB.crt] ClientB
Jonathan Nagin I'm trying to setup NGINX to perform client authentication for multiple clients. My problem is that those clients will have different certificates, basically different root CAs: [clientA.crt] ClientA > IntermediateA > RootA
[clientB.crt] ClientB
Jonathan Nagin I'm trying to setup NGINX to perform client authentication for multiple clients. My problem is that those clients will have different certificates, basically different root CAs: [clientA.crt] ClientA > IntermediateA > RootA
[clientB.crt] ClientB
Scorpio I have a PHP login module based on SSL client certificates. It works fine with Apache. Now I'm trying to figure out how to port this to nginx. With Apache, the contents of the certificate can be very conveniently accessed using a number of environment
tribal star I'm trying to setup nginx to match certain URLs on servers granted conditional access (ie, only servers with valid client certificates can access the zone). Currently, simple location blocking works well to prevent access by unauthorized users: loc
tribal star I'm trying to setup nginx to match certain URLs on servers granted conditional access (ie, only servers with valid client certificates can access the zone). Currently, simple location blocking works well to prevent access by unauthorized users: loc
tribal star I'm trying to setup nginx to match certain URLs on servers granted conditional access (ie, only servers with valid client certificates can access the zone). Currently, simple location blocking works well to prevent access by unauthorized users: loc
Archid After hours or research I finally gave up on this problem and need help. I configured my Nginx server to handle client authentication via certificates, it's as simple as: First, I used this tutorial to generate my client and server .crt https://fardog.i
Archid After hours or research I finally gave up on this problem and need help. I configured my Nginx server to handle client authentication via certificates, it's as simple as: First, I used this tutorial to generate my client and server .crt https://fardog.i
Lesha Ppiev I want to provide ssl support for my website under Nginx. First, I tried to use a self-signed certificate, but as you know, the browser complains The current connection cannot be trusted Second, I tried ordering a free certificate from a reputable
Lesha Ppiev I want to provide ssl support for my website under Nginx. First, I tried to use a self-signed certificate, but as you know, the browser complains The current connection cannot be trusted Second, I tried ordering a free certificate from a reputable
gtrak: How to manually check certificate revocation status in Java using OCSP, considering only the client's java.security.cert.X509Certificate? I can't see a clear way to do it. Alternatively, I can have tomcat do this for me automatically, how do you know yo
lipoprotein: I have used SecKeyGeneratePairfunctions to generate private and public keys for a Swift based iOS app . I then generated a "Certificate Signing Request" using the iOS CSR and my server replied with a certificate chain in PEM format. I use the foll
User1791139: My use case looks like I know the client's public certificate and just want to allow them. I have a go server configured based on gin and TLS where a method has been assigned to the property "VerifyPeerCertificate". The function looks like func cu
gtrak: How to manually check certificate revocation status in Java using OCSP, considering only the client's java.security.cert.X509Certificate? I can't see a clear way to do it. Alternatively, I can have tomcat do this for me automatically, how do you know yo
User1791139: My use case looks like I know the client's public certificate and just want to allow them. I have a go server configured based on gin and TLS where a method has been assigned to the property "VerifyPeerCertificate". The function looks like func cu
lipoprotein: I have used SecKeyGeneratePairfunctions to generate private and public keys for a Swift based iOS app . I then generated a "Certificate Signing Request" using the iOS CSR and my server replied with a certificate chain in PEM format. I use the foll
user 93353 The web server has settings for requesting client certificates - eg. SSLVerifyClient requireIn Apache, use other settings in IIS etc. If this setting is set, the browser will pop up a dialog asking you to select a certificate. Is it possible to requ
Anthony B Code I've been searching for weeks and can't seem to find an answer anywhere. I am trying to do the following for Android. The code is from a C# app I wrote but am porting it to Android. Web endpoints require certificates to be attached to mutual aut
Anthony B Code I've been searching for weeks and can't seem to find an answer anywhere. I am trying to do the following for Android. The code is from a C# app I wrote but am porting it to Android. Web endpoints require certificates to be attached to mutual aut
gtrak: How to manually check certificate revocation status in Java using OCSP, considering only the client's java.security.cert.X509Certificate? I can't see a clear way to do it. Alternatively, I can have tomcat do this for me automatically, how do you know yo
User1791139: My use case looks like I know the client's public certificate and just want to allow them. I have a go server configured based on gin and TLS where a method has been assigned to the property "VerifyPeerCertificate". The function looks like func cu
lipoprotein: I have used SecKeyGeneratePairfunctions to generate private and public keys for a Swift based iOS app . I then generated a "Certificate Signing Request" using the iOS CSR and my server replied with a certificate chain in PEM format. I use the foll
user 93353 The web server has settings for requesting client certificates - eg. SSLVerifyClient requireIn Apache, use other settings in IIS etc. If this setting is set, the browser will pop up a dialog asking you to select a certificate. Is it possible to requ
Deep Space 101 Edit for future readers : Unfortunately, the bounty awarded answer doesn't work;there's nothing I can do about it right now. But please read my own answer below (by testing) - confirmed to work with minimal code changes We have an Azure cloud se
Deep Space 101 Edit for future readers : Unfortunately, the bounty awarded answer doesn't work;there's nothing I can do about it right now. But please read my own answer below (by testing) - confirmed to work with minimal code changes We have an Azure cloud se
Deep Space 101 Edit for future readers : Unfortunately, the bounty awarded answer doesn't work;there's nothing I can do about it right now. But please read my own answer below (by testing) - confirmed to work with minimal code changes We have an Azure cloud se
Naftuli Kay I have a self signed root certificate and an intermediate certificate signed by that root. Basically something like this: .
└── master (CA)
└── servant1 (CA)
I have some client certificates from master->servant1certificate chain : .
└── master