Re: $ssl_client_escaped_cert does not contain intermediate client certificates

2020-07-07 Thread everhardt
Hi Maxim, I, naively maybe, thought the following would work. At an incoming request, nginx checks whether the session is new or resumed. * new: it retrieves the chain, calls X509_chain_up_ref and stores a mapping from session ID to the chain pointer * resumed: it retrieves the session ID, looks

Re: $ssl_client_escaped_cert does not contain intermediate client certificates

2020-07-06 Thread everhardt
Thanks for your reply, Maxim! I'll work out an alternative then. Re. session resumption, I read in the OpenSSL docs (https://www.openssl.org/docs/man1.1.0/man3/SSL_get0_verified_chain.html) that OpenSSL is willing to store the chain longer than a single request, but only if the implementing appli

$ssl_client_escaped_cert does not contain intermediate client certificates

2020-07-04 Thread everhardt
I have the following certificate chain: Root certificate > Intermediate certificate > End user certificate. I've set up nginx as an SSL termination proxy for a backend service that differentiates its actions based on the serial of the intermediate certificate and the subject of the end user certif

Re: How is the progress to support DTLS

2019-09-10 Thread everhardt
I’m using it for termination. Posted at Nginx Forum: https://forum.nginx.org/read.php?2,278434,285603#msg-285603

Re: How is the progress to support DTLS

2019-09-10 Thread everhardt
I have been using it for more than a year now for more than 500 IoT devices with a cellular connection that connect on average about 4 times per day. My experience has been very positive: easy to set up and no issues at all (both for the 1.13.0 and the 1.13.9 patch). As NGINX is at 1.17 already, I