NGINX to trust a list of specific client certificates

Francesco Papini

4/10/24, 6:09 PM

I'd like to accomplish that scenario below.

Ningx must accept:

client_certificate_1.pem
client_certificate_2.pem
client_certificate_3.pem

Ningx must accept:

file_with_certs.pem (containing)
    client_certificate_1
    client_certificate_2
    client_certificate_3

the problem is that I did not understand if that is possible or not: it seems I can specify the CAs to be trusted but not the individual client certificates.

The client certificates are TLS Web Client Authentication (1.3.6.1.5.5.7.3.2) certificates issued by a public CA and the NGINX works in HTTPS (so no problems on that side).

Any help is welcome, thanks.

182

0 + 0

nginx

ssl-certificate

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: NGINX to trust a list of specific client certificates

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.