I can issue certificates without a problem and I can get nginx to force users to provide a certificate but how do I get nginx to give me information about the certificate? Information such as name and serial number.
The documentation covers the various SSL variables that nginx sets.
First you have to actually set
optional (depending on your requirements). Since this can only be used in an
server block, if you only want part of your site protected by client certificates, you’ll need to use
optional and have the application check the verification result.
Then the verification result will be stored in
$ssl_client_verify and the client certificate identity will be stored in
$ssl_client_s_dn. You then only need to pass these up to your application. If you need more than the subject identity, you can pass the entire client certificate with
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.