I use Nginx for client-side-authentification. Only the SSL-certificates from the User CA should have access to the application. The CA hierachy:
Root CA | Intermediate CA | User CA
So ssl_verify_depth (maximum verification depth) =3
Each CA has a crl.
For Nginx I need one crl-document.
Do I need to combine the CRLs of Root CA, Intermediate CA and User CA?
Thank you very much. Unfortunately I couldn’t find any related questions, (and I apologize if this is a stupid beginner’s question.)