Custom nginx error page for "SSL Certificate Error"

Question

Custom nginx error page for "SSL Certificate Error"

If the client selects an expired certificate, the nginx server will display a built-in error page.

<html> <head><title>400 The SSL certificate error</title></head> <body bgcolor="white"> <center><h1>400 Bad Request</h1></center> <center>The SSL certificate error</center> <hr><center>nginx</center> </body> </html>

How can I catch an error and show the client another page?

+5

ssl nginx ssl-certificate client-certificates

user3138912 Nov 06 '15 at 5:43

source share

2 answers

dommyet · Answer 1 · 2016-02-07T10:52:19+0000

Refer to http://nginx.org/en/docs/http/ngx_http_ssl_module.html#errors

Defining an error page for code 400 will fail. Working approach

 server { ... error_page 495 496 497 https://www.google.com; ... }

Thus, the user was unable to send a valid certificate, will be redirected to google.com. This will work if ssl_verify_client set to on or optional .

Another approach only works when $ssl_verify_client set to optional , you can use $ssl_client_verify for redirection.

 if ($ssl_client_verify = NONE) { return 303 https://www.google.com; }

If $ssl_verify_client set to on , it will not work.

permission_denied · Answer 2 · 2017-07-13T17:25:14+0000

There is a way to show the client a different page. The way you do this is basically the same as above, but instead you change the google site to the page you created:

 server { ... error_page 495 496 497 /error400.html; ... }

Just include all user pages in each server instance.

Custom nginx error page for "SSL Certificate Error"

More articles: