Am 2018-02-28 16:41, schrieb Igor A. Ippolitov:
Hello.I'm not sure about what do you really need, but it looks like you can get almost the same result using a combination of map{} blocks and conditionals. Something like this: map $ssl_client_s_dn $ou_matched { ~OU=whatever 1; default 0; } map $ssl_client_s_dn $cn_matched { ~CN=whatever 1; default 0; } map $ou_verified$cn_verified $unauthed { ~0 1 default 0; } server { .... ssl_trusted_certificate path/to/public/certs; ssl_verify_client on; if ($unauthed) {return 403;} }
OK, thanks a lot. I'll look into it. Currently, the exact details are still a bit murky. Customer was very vague... I'll know more Friday next week. Regards, Rainer _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
