On Fri, Aug 02, 2019 at 04:34:37AM -0400, cell...@gmail.com wrote:
Hi there,
> I need to use if to configure some behavior during the ssl client
> authentication because it's enabled at server block and we need to exclude
> some locations from the authentication.
The report I thought I was respo
Hi Francis,
I need to use if to configure some behavior during the ssl client
authentication because it's enabled at server block and we need to exclude
some locations from the authentication.
Marcello
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,284984,285085#msg-285085
__
On Thu, Aug 01, 2019 at 01:16:45PM +0200, Marcello Lorenzi wrote:
Hi there,
just as a small interruption...
> It seems that the set variable is not
> working into the if statement.
"if" inside "location" is not great to use, unless you know what it does.
> We can’t use the “map” parameter beca
Hi Max.
In our idea with this configuration all the requests use the sslclient
logformat and in case of failure with the certificate the logformat that
will be used is sslclientfull.
Into the location / we enable the ssl_verify_client to optional and
actually we have some if with the variabile
Hello!
On Fri, Jul 26, 2019 at 03:49:05PM +0200, Marcello Lorenzi wrote:
> Hi Maxim,
> I tried to configure the location with this example:
>
> server {
> access_log logs/access_log sslclient;
>
> location / {
>
> if ($ssl_client_verify != "SUCCESS") {
>
Hi Maxim,
I tried to configure the location with this example:
server {
access_log logs/access_log sslclient;
location / {
if ($ssl_client_verify != "SUCCESS") {
set $loggingcert 1;
}
access_log logs/access_log sslclientfull
Hello!
On Thu, Jul 25, 2019 at 05:08:30AM -0400, cell...@gmail.com wrote:
> Hi All,
> we tried to add some debug information into our access_log for a service
> with a client certificate authentication. Actually we print some information
> related to the clients but we would print into the logs t
Hi All,
we tried to add some debug information into our access_log for a service
with a client certificate authentication. Actually we print some information
related to the clients but we would print into the logs the client
certificate sent by the client during the handshake in case of error. We
t
