homelab/traefik
1
0
Fork 0
Code Activity

Deprecate caOptional option in client TLS configuration

Browse source
This commit is contained in:
Kevin Pollet 2022-04-28 14:58:08 +02:00 committed by GitHub
parent 707d355d4a
commit 7d274e8088
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 11 additions and 315 deletions
Download patch file Download diff file Expand all files Collapse all files

30
docs/content/providers/http.md
View file

@ -105,36 +105,6 @@ providers:
--providers.http.tls.ca=path/to/ca.crt
```
#### `caOptional`
_Optional_
The value of `caOptional` defines which policy should be used for the secure connection with TLS Client Authentication to the endpoint.
!!! warning ""
If `ca` is undefined, this option will be ignored, and no client certificate will be requested during the handshake. Any provided certificate will thus never be verified.
When this option is set to `true`, a client certificate is requested during the handshake but is not required. If a certificate is sent, it is required to be valid.
When this option is set to `false`, a client certificate is requested during the handshake, and at least one valid certificate should be sent by the client.
```yaml tab="File (YAML)"
providers:
http:
tls:
caOptional: true
```
```toml tab="File (TOML)"
[providers.http.tls]
caOptional = true
```
```bash tab="CLI"
--providers.http.tls.caOptional=true
```
#### `cert`
_Optional_