On Wed, Feb 03, 2016 at 09:37:25AM +0100, Aleksandar Lazic wrote: > Am 02-02-2016 23:22, schrieb Alex Samad:
Hi there, > Cool it would be nice if you can tell us if it's works and how was > your solution ;-) I think that "location" does not take variables, and so this will not work. More below. > >On 2 February 2016 at 20:56, Aleksandar Lazic <al-ng...@none.at> wrote: > >>Am 02-02-2016 04:32, schrieb Alex Samad: > >>>Is it possible with nginx to do this > >>> > >>>https://www.abc.com > >>>/ > >>>/noclientcert/ > >>>/clientcert/ > >>> > >>>so you can get to / with no client cert, but /clientcert/ you need a > >>>cert, but for /noclientcert/ you don't need a cert. > >>> > >>>Looks like from the config doco you can only set it for the > >>>whole tree ... Untested by me, but if you set ssl_verify_client optional; and then within your location ^~ /clientcert/ {} you have something like if ($ssl_client_verify != SUCCESS) { return 403; } would that fit your needs? (If the content below /clientcert/ is all handled by an external process, then possibly it could do its own validation or verification using values provided by nginx.) http://nginx.org/r/$ssl_client_verify for some details. Good luck with it, f -- Francis Daly fran...@daoine.org _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx