Hello.
I work on a project that provides an mTLS scenario,
but the clients need to use self-signed certificate during the handshake phase.
It is a scenario expected by oauth2 / openID.
I need to instruct nginx so that the SSL Certificate Request message contains the list of supported CAs as empty.
The ssl protocol provides this option that allows clients to submit a self-signed certificate and not a certificate imposed by the CA supported by the server.
Could you explain to me how I can achieve this scenario?
I thank you for the support
I work on a project that provides an mTLS scenario,
but the clients need to use self-signed certificate during the handshake phase.
It is a scenario expected by oauth2 / openID.
I need to instruct nginx so that the SSL Certificate Request message contains the list of supported CAs as empty.
The ssl protocol provides this option that allows clients to submit a self-signed certificate and not a certificate imposed by the CA supported by the server.
Could you explain to me how I can achieve this scenario?
I thank you for the support