In this example ssl_client_certificate contains only root certificate without intermediate certs.
This way server wouldn't be able to check client certs coming from browser (browser sends leaf cert only, not the whole bundle)
Server needs to have intermediates too in its ssl_client_certificate file.
https://smallstep.com/hello-mtls/doc/server/nginx
In this example ssl_client_certificate contains only root certificate without intermediate certs. This way server wouldn't be able to check client certs coming from browser (browser sends leaf cert only, not the whole bundle)
Server needs to have intermediates too in its ssl_client_certificate file.