nginx proxy + ssl +clr "400 bad request" error

Solution 1:

Same answer as here: https://serverfault.com/a/676498/277052: If you have multiple CA you have to concatenate all the CRLs.

You have to concatenate all the CRL in chain: Root CA and Intermediate CAs.

Using openssl crl -in crl_list.crl -noout -text only read the first crl, but nginx reads them correctly and validate the user certificate.

Inspired by: https://www.ruby-forum.com/topic/6874370