配置信息:

1
2
3
4
5
6
7
8

listen 443;
server_name wenzhixin.net.cn;

ssl on;
ssl_certificate /etc/ssl/certs/wenzhixin_net_cn.crt;
ssl_certificate_key /etc/ssl/private/wenzhixin_net_cn.key;
ssl_client_certificate /etc/ssl/certs/wenzhixin_net_cn-bundle;
ssl_verify_client optional;

配置下面:

1
2

ssl_client_certificate /etc/ssl/certs/wenzhixin_net_cn-bundle;
ssl_verify_client optional;

是为了解决:

1

unable to get local issuer certificate

的问题。