Opened 10 years ago
Last modified 6 years ago
#318 new enhancement
Change response behavior when SSL client certificate won't validate
|Reported by:||Sebastian Wyder||Owned by:|
Currently if nginx receives an SSL client certificate that is invalid, nginx returns a 400 Bad Request. This also gets triggered if no certificate was submited.
This is not good because most user-agents (browsers) then won't prompt the user for a certificate again till the user quits the browser. Instead nginx should, like Apache and other webservers, respond with an SSL connection error so that clients know that there was a connection error and then can reprompt for a certificate.
Change History (1)
comment:1 by , 6 years ago
Note: See TracTickets for help on using tickets.
Do you have some plans for this issue?