i use mozilla ssl configuration generator(https://mozilla.github.io/server-side-tls/ssl-config-generator/) generate nginx configuration file.
there item in configuration file, this:
ssl_trusted_certificate /path/to/root_ca_cert_plus_intermediates; i use certificate of let’s encrypt,how generate ssl_trusted_certificate ?
this needed when have client certificate verification.
syntax: ssl_trusted_certificate file; default: — context: http, server directive appeared in version 1.3.7. specifies file trusted ca certificates in pem format used verify client certificates , ocsp responses if ssl_stapling enabled. in contrast certificate set ssl_client_certificate, list of these certificates not sent clients. i believe not need you, since looking host https site. need comment directive , good.
Comments
Post a Comment