Hi,
it seems most examples, even for apache, seem to assume that the client
certificates are issued by your own CA.
In this case, you just need to check if your certificates were issued by
this CA - and if they're not, it's game over.
However, I may have a case where the CA is a public CA and the client
certificates need to be verified down to the correct O and OU.
How do you do this with nginx?
Something along these lines:
https://www.tbs-certificates.co.uk/FAQ/en/183.html
Best Regards
Rainer
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx