Merge branch 'v2.0' into master

docs/content/middlewares/forwardauth.md

@@ -509,7 +509,8 @@ metadata:
 spec:
   forwardAuth:
     address: https://authserver.com/auth
-    insecureSkipVerify: true
+    tls:
+      insecureSkipVerify: true
 ```
 
 ```yaml tab="Consul Catalog"
@@ -531,7 +532,8 @@ labels:
 [http.middlewares]
   [http.middlewares.test-auth.forwardAuth]
     address = "https://authserver.com/auth"
-    insecureSkipVerify: true
+    [http.middlewares.test-auth.forwardAuth.tls]
+      insecureSkipVerify: true
 ```
 
 ```yaml tab="File (YAML)"
@@ -540,5 +542,6 @@ http:
     test-auth:
       forwardAuth:
         address: "https://authserver.com/auth"
-        insecureSkipVerify: true
+        tls:
+          insecureSkipVerify: true
 ```

docs/content/middlewares/headers.md

@@ -176,8 +176,8 @@ labels:
 ```toml tab="File (TOML)"    
 [http.middlewares]
   [http.middlewares.testHeader.headers]
-    FrameDeny = true
-    SSLRedirect = true
+    frameDeny = true
+    sslRedirect = true
 ```
 
 ```yaml tab="File (YAML)"  
@@ -185,8 +185,8 @@ http:
   middlewares:
     testHeader:
       headers:
-        FrameDeny: true
-        SSLRedirect: true
+        frameDeny: true
+        sslRedirect: true
 ```
 
 ### CORS Headers

docs/content/middlewares/passtlsclientcert.md

@@ -245,7 +245,10 @@ PassTLSClientCert can add two headers to the request:
 - `X-Forwarded-Tls-Client-Cert-Info` that contains all the selected certificate information in an escaped string.
 
 !!! info
-    The headers are filled with escaped string so it can be safely placed inside a URL query.
+
+    * The headers are filled with escaped string so it can be safely placed inside a URL query.
+    * These options only work accordingly to the [MutualTLS configuration](../https/tls.md#client-authentication-mtls).
+    That is to say, only the certificates that match the `clientAuth.clientAuthType` policy are passed.
 
 In the following example, you can see a complete certificate. We will use each part of it to explain the middleware options.