SSL client auth in nginx with multiple server section
Posted
by
Bastien974
on Server Fault
See other posts from Server Fault
or by Bastien974
Published on 2014-06-04T14:50:21Z
Indexed on
2014/06/04
15:28 UTC
Read the original article
Hit count: 264
I want to implement ssl_verify_client in nginx.
This works perfectly when I only have one server section, which listen to 443. In my case I have multiple, all listening on 443 but to different server_name.
For one particular server (proxy.mydomain.com), I'm adding the SSL client verify, but when I test the connectivity with openssl s_client -connect proxy.mydomain.com:443 -cert xxx.crt -key xxx.key
and then do a
GET / HTTP/1.1
host: proxy.mydomain.com
It's not working, 400 No required SSL certificate was sent
I think nginx is not receiving the proper server_name and is directing it to the first server listening to 443.
So I tried to listen on another port and it worked right away.
What's the issue and how can I fix it ?
© Server Fault or respective owner