6baadde118e2a1f33659feb9ece787fb.gif
直接在location中增加ssl_verify_client on的话会报错:

nginx: [emerg] “ssl_verify_client” directive is not allowed here

规避一下:

server
    {
    listen 443 ssl;
    ...
    #不强制开启
    ssl_verify_client optional;
    ssl_client_certificate ssl/client.cer;

    location / {
        #不传证书的话重定向掉
        if ($ssl_client_verify != SUCCESS) {
            return 403 'ssl_verify_client location!';
        break;
        ...
    }
    location /public {
        ...
    }

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注

Captcha Code