[LRUG] SSL client certificates
ticktockhouse at gmail.com
Wed Jun 17 08:11:18 PDT 2020
I posted an answer to your question on SO:
On Wed, 17 Jun 2020 at 15:17, Tim Diggins <tim at red56.uk> wrote:
> Hi Andrew
> Just read your SO post and I feel your pain. I just spent hours trying to
> get a CA chain (purely in a server cert) to work by concatenating various
> intermediate certs into a pem and it was a vale of tears (in the end found
> a mechanism to download the correctly concatenated CA chain from my cert
> provider, so while I learned a lot about openssl, I did reach the edge of
> my understanding which turned out to be not that far). It's also a
> nightmare when you don't have usable access credentials your users do
> (whether certs or active directory config or whatever).
> You may have considered this already, but it might be worth checking
> whether you can set this up correctly by creating a self-signed Certificate
> Authority, creating some certs with it, and then setting up a staging nginx
> server with a parallel config to your live one and see if it works
> correctly. Seems like this might not take that long to do and might give
> you some insight as to which of your assumptions are correct.
> all best
> On Wed, 17 Jun 2020 at 14:23, Andrew Stewart <boss at airbladesoftware.com>
>> Hello LRUG!
>> Are you (a) handy with SSL and (b) bored?
>> I'm trying to get Nginx to validate client SSL certificates signed by
>> MIT's certificate authority:
>> But I'm stuck. Any help would be much appreciated.
>> Many thanks!
>> Andrew Stewart
>> Chat mailing list
>> Chat at lists.lrug.org
>> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
>> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
>> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
> Chat mailing list
> Chat at lists.lrug.org
> Archives: http://lists.lrug.org/pipermail/chat-lrug.org
> Manage your subscription: http://lists.lrug.org/options.cgi/chat-lrug.org
> List info: http://lists.lrug.org/listinfo.cgi/chat-lrug.org
Telephone: +44 (0)7492 910225
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Chat