I'm a big fan of throw-away certificates, i.e., self-signed certificates you
may dispose of any time. It seems, the generation of proper certificates is
still a mystery to some, so let me briefly include a recipe how to create
them:
Create a cert-client.conf of the following form:
---
> I will search for this. Not sure how to add this info to my logs, or
> whether it logs failures too?
$ssl_client_verify - contains the verification status
You have to define a custom log_format
(http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format )
For example:
log_format cli
On 8/30/2019 12:33 PM, Reinis Rozitis wrote:
When this is all done, and I import the p12 client certificate on my Windows PCs (tested
2) Chrome and Firefox show me the "400 Bad Request\n No required SSL certificate was
sent". The very strange thing is IE11 on one of the two PCs, actually prom
> When this is all done, and I import the p12 client certificate on my Windows
> PCs (tested 2) Chrome and Firefox show me the "400 Bad Request\n No required
> SSL certificate was sent". The very strange thing is IE11 on one of the two
> PCs, actually prompts me to use my newly-installed cert t
I have been trying to configure client certificates (really just one
cert for now) for two days on CentOS 7, Nginx 1.16.1, and have had very
limited success.
I have tried various online guides and they are mostly the same - but
all have resulted in the same exact scenario. One such guide is h
