Hi, we've got the patch ready for client certificate validation, cc'ing
related people.
The patch adds two features:
1. client certificate validation itself
2. passing on certificate and select fields in HTTP headers
## Brief description of client certificates (for whoever else is reading)
Clie
Hi, sorry for being a moron.
I realize it’s already optional by not specifying client ca… sorry about the
noise!
> On Dec 16, 2021, at 9:35 PM, Brian Brombacher wrote:
>
> Hi, not to interrupt development …
>
> Can you make this completely optional from the servers perspective? I don’t
>
Hi, not to interrupt development …
Can you make this completely optional from the servers perspective? I don’t
want my endpoints validating anonymous client certificates when I run a public
endpoint.
I’ll just hack it out otherwise, but I think this opens a vector that should be
completely op
Hi!
Here comes the support for relayd client certificate validation.
Full certificate chain, subject and issuer can be passed over in http headers.
It supports mandatory validation and optional validation(if client chooses to
provide certificate it will be validated).
Part of my sample config.