nginx部分location开启双向认证
直接在location中增加ssl_verify_client on
的话会报错:
nginx: [emerg] “ssl_verify_client” directive is not allowed here
规避一下:
server
{
listen 443 ssl;
...
#不强制开启
ssl_verify_client optional;
ssl_client_certificate ssl/client.cer;
location / {
#不传证书的话重定向掉
if ($ssl_client_verify != SUCCESS) {
return 403 'ssl_verify_client location!';
break;
...
}
location /public {
...
}