search for: ssl_client_certif

...rror ------------------------------------------------------------------------ nginx/0.6.39 I've tried the following: server { listen 8443; ssl on; ssl_certificate /etc/httpd/ssl/proxy-ssl.cer; ssl_certificate_key /etc/httpd/ssl/server.key; ssl_client_certificate /etc/httpd/ssl/ca-bundle.crt; ssl_verify_client on ............................................................................................. ............................................................................................. error_page 400 /400.html; loca...

...y secure in the way that the proxy should be the one speaking ssl and making client ssl certificate signature verification. I read the pound and the ngnix wiki article and i am a bit confused here. Lets see for nginx: ssl_certificate cert.pem; ssl_certificate_key cert.key; ssl_client_certificate /etc/puppet/ssl/ca/ca_crt.pem (and ssl_verify_client on; in the server setting) So here i took the debian default ssl config and added the last line ''ssl_client_certificate'' with the same cert used on the pound wiki. Does it make the things secure ? Coul...

.../etc/puppet/rack/public; ssl_certificate /var/lib/puppet/ssl/certs/bangvmpllda02.XXXXX.com.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/bangvmpllda02.XXXXX.com.pem; ssl_crl /var/lib/puppet/ssl/ca/ca_crl.pem; ssl_client_certificate /var/lib/puppet/ssl/certs/ca.pem; ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA; ssl_prefer_server_ciphers on; ssl_verify_client optional; ssl_verify_depth 1; ssl_session_cache shared:SSL:128m; ssl_session...

...server { listen 192.168.122.14:8140; server_name loadbalancer01; ssl on; ssl_session_timeout 5m; ssl_certificate /var/lib/puppet/ssl/certs/loadbalancer01.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/ loadbalancer01.pem; ssl_client_certificate /var/lib/puppet/ssl/certs/ca.pem; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP; ssl_prefer_server_ciphers on; ssl_verify_client optional; ssl_verify_depth 1; access_log logs/loadbalancer01_access.lo...

...ten 8140; ssl on; ssl_certificate /var/lib/puppet/ssl/certs/ something.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/ something.pem; ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:- EXP; ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem; ssl_verify_client on; root /var/empty; access_log /var/log/nginx/access-8140.log; proxy_redirect off; proxy_set_header Host $host; proxy_set...

...ion { server 127.0.0.1:18140; server 127.0.0.1:18141; } server { listen 8140; ssl on; ssl_session_timeout 5m; ssl_certificate /var/lib/puppet/ssl/certs/puppetmaster.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/puppetmaster.pem; ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem; ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA; # allow authenticated and client without certs ssl_verify_client optional; # obey to the Puppet CRL ssl_crl /var/lib/puppet/ssl/ca/ca_crl.pem; root /var/tmp;...