Open vivekch0976 opened 1 week ago
Hi @vivekch0976,
could you share your ssl-client_certificate.conf file? What do your rules look like?
And also please take a look at the new issue page: choose a version and please fill that in carefully. E.g. we need to know the versions, etc.
Hello @airween here it is.
SecRule REQUEST_HEADERS:X-SSL-CERT "contains '<client-crt-cn>'" \
"id:1001,phase:1,t:none,log,pass,msg:'Allowed SSL certificate'"
Thanks,
are you sure the X-SSL-CERT header is there?
You can set up your debug log:
SecDebugLogLevel 9
SecDebugLog /var/log/nginx/modsec_debug.log
Restart your Nginx and check again. You have to see the rule's result in that log, e.g.
.... Rule returned 0.
or
.... Rule returned 1.
If the value is 0 then it means:
Hello, yes, the header is there in my own nginx conf file
if ($ssl_client_verify = SUCCESS) {
add_header X-SSL-CERT $ssl_client_s_dn;
}
# Optional: Respond with 400 if the certificate is not valid
if ($ssl_client_verify != SUCCESS) {
return 400 "Client certificate required and not provided or invalid.";
}
But still I am not able to see anything in the logs. I am testing via a curl command (sudo curl -v --insecure --key client.pem --cert client.crt --cacert /etc/nginx/ssl/ca.crt https://
Describe the bug
I am trying to enable allowing a specific SSL certificate. I already set rules inside /etc/nginx/modsec/rules/ssl-client_certifcate.conf and also configured nginx to accept this certificate. I am able to do curl with the client cert and key, but it's not logging inside modsec_audit.log.
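For the debug-log check suggested in this thread, a small helper that counts how a given rule id was evaluated; it is an added example, not code from the thread or from the ModSecurity project. The log layout, the function names `rule_summary` and `sample_log`, rule id 1000 and all sample lines are assumptions constructed for illustration, modelled on the "Rule returned" lines quoted above.

```shell
#!/bin/sh
# Summarise how often a ModSecurity rule was evaluated and what it returned.
# Assumed debug-log layout (an assumption, not taken from the thread):
#   "(Rule: <id>) Executing operator ..."  starts one evaluation
#   "Target value: ..."                    one line per inspected value
#   "Rule returned 0." / "Rule returned 1." ends the evaluation

rule_summary() {  # usage: rule_summary <rule-id> <debug-log>  ("-" = stdin)
    awk -v id="$1" '
        /\(Rule: [0-9]+\)/ {                 # a new rule evaluation starts
            cur = (index($0, "(Rule: " id ")") > 0)
            if (cur) evals++
            next
        }
        cur && /Target value:/      { targets++ }        # a value was inspected
        cur && /Rule returned 1\./  { hit++;  cur = 0 }  # operator matched
        cur && /Rule returned 0\./  { miss++; cur = 0 }  # operator did not match
        END {
            printf "evaluated=%d matched=%d unmatched=%d targets=%d\n",
                   evals, hit, miss, targets
        }' "$2"
}

# Constructed sample log (not real output): rule 1000 is hypothetical and sees
# a value; rule 1001 from the thread runs but has no value to inspect.
sample_log() {
    cat <<'EOF'
[1700000000] [/] [4] (Rule: 1000) Executing operator "Rx" with param "^GET$" against REQUEST_METHOD.
[1700000000] [/] [9] Target value: "GET" (Variable: REQUEST_METHOD)
[1700000000] [/] [4] Rule returned 1.
[1700000000] [/] [4] (Rule: 1001) Executing operator "Rx" with param "contains '<client-crt-cn>'" against REQUEST_HEADERS:X-SSL-CERT.
[1700000000] [/] [4] Rule returned 0.
EOF
}

# Run against the constructed sample; point it at the file named in
# SecDebugLog (with SecDebugLogLevel 9) to check a real run.
sample_log | rule_summary 1001 -
```

Under the assumed layout, `evaluated=0` means the rule was never reached, while `unmatched=1 targets=0` means it ran but found no header value to compare.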