Hi,
ok that makes sense.
Thank you for the feedback.
-Original Message-
From: nginx On Behalf Of Maxim Dounin
Sent: Thursday, January 6, 2022 9:36 PM
To: nginx@nginx.org
Subject: Re: OCSP, client certificate verification with chained CA
CAUTION: This email originated outside the company
Hello!
On Wed, Jan 05, 2022 at 03:33:29PM +, Marti, Ueli (Marin) wrote:
> Ok, good point thanks.
> However, it seems nginx accepts only one ssl_ocsp_responder
> instance. Or is there a syntax to specify multiple instances ?
> So this would need to be solved on the responder side which
> wou
that.
Any chance for nginx to support multiple ssl_ocsp_responder instances in the
future ?
Thanks
-Original Message-
From: nginx On Behalf Of Maxim Dounin
Sent: Wednesday, January 5, 2022 3:23 PM
To: nginx@nginx.org
Subject: Re: OCSP, client certificate verification with chained CA
Hello
Hello!
On Tue, Jan 04, 2022 at 11:10:33AM +, Marti, Ueli (Marin) wrote:
> Hi,
> i am trying to setup nginx for OCSP client certificate verification and have
> troubles getting it to work with chained CA's.
> My setup is as follows, all referenced files are in the attached archive.
> - RootCa
Good idea, i have tried it now but doesn't change anything
From: nginx On Behalf Of Vahan Yerkanian
Sent: Tuesday, January 4, 2022 2:20 PM
To: nginx@nginx.org
Subject: Re: OCSP, client certificate verification with chained CA
Have you tried increasing the depth?
ssl_verify_depth 3;
Have you tried increasing the depth?
ssl_verify_depth 3;
> On 4 Jan 2022, at 15:10, Marti, Ueli (Marin)
> wrote:
>
> Hi,
> i am trying to setup nginx for OCSP client certificate verification and have
> troubles getting it to work with chained CA's.
> My setup is as follows, all referenced
