V2EX = way to explore
V2EX 是一个关于分享和探索的地方
Sign Up Now
For Existing Member Sign In
› NGINX
› NGINX Trac
› 3rd Party Modules
› Security Advisories
› CHANGES
› OpenResty
› ngx_lua
› Tengine
在线学习资源
› NGINX 开发从入门到精通
NGINX Modules
› ngx_echo
This topic created in 2112 days ago, the information mentioned may be changed or developed.
如题,现在代码
ssl_certificate cert/XX.crt;
ssl_certificate_key cert/XX.key;
ssl_trusted_certificate cert/chain.crt;
双向认证时能用原来的数字证书吗?
ssl_certificate cert/XX.crt;
ssl_certificate_key cert/XX.key;
ssl_trusted_certificate cert/chain.crt;
双向认证时能用原来的数字证书吗?
 |
1
xooass Jul 15, 2020
加
ssl_client_certificate ssl/cacert.pem; ssl_crl ssl/ca.crl; ssl_verify_client on; 双向认证两边的证书是分开,互不关联的,你原来的数字证书那边啥都不用动 |
 |
2
alpinefly OP @xooass 个人想使用 免费的邮箱证书,不知道有什么要改,试了半天不行。Sectigo 的免费邮箱证书,ssl_client_certificate 就应该是它的根证书?
|
|
3
alpinefly OP 用自签的根证书签发后可以,但是用免费的邮箱证书不行。
|
Select Language