id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 2131 NGNIX needs root cert in the chain for Client validation. vasu767@… "In a CA ca hierarchy sub-ca/issuing CA issues the cert to two device and mutual authentication needs to happen. Sub-CA/Issuing CA wont issue the root ca public cert. CA-offline------> Sub-ca-------> ngnix server | V client When a client and ngnix server get the certificate from the subca. When client sent a request to authenticate it will fail with 400 BAD request. As soon as I add the rootCA public cert it authenticates. Ngnix code used in IoT platform might require a manual process to copy the root ca public key to millions of devices. There should be a way to authenticate the client and server with the Sub-ca certificate itself." enhancement new minor nginx-core 1.19.x 1.2