Remove mTLS from doc and config example

2024-12-21 23:47:34 +00:00 · 2022-11-19 10:35:48 +00:00 · 2022-11-19 10:35:48 +00:00 · 935319a218
commit 935319a218
parent 4c7e15a7ce
2 changed files with 0 additions and 21 deletions
--- a/config-example.yaml
+++ b/config-example.yaml
@ -161,13 +161,6 @@ acme_email: ""
 # Domain name to request a TLS certificate for:
 tls_letsencrypt_hostname: ""

-# Client (Tailscale/Browser) authentication mode (mTLS)
-# Acceptable values:
-# - disabled: client authentication disabled
-# - relaxed: client certificate is required but not verified
-# - enforced: client certificate is required and verified
-tls_client_auth_mode: relaxed
-
 # Path to store certificates and metadata needed by
 # letsencrypt
 # For production:
--- a/docs/tls.md
+++ b/docs/tls.md
@ -29,17 +29,3 @@ headscale can also be configured to expose its web service via TLS. To configure
 tls_cert_path: ""
 tls_key_path: ""
 ```
-
-### Configuring Mutual TLS Authentication (mTLS)
-
-mTLS is a method by which an HTTPS server authenticates clients, e.g. Tailscale, using TLS certificates. This can be configured by applying one of the following values to the `tls_client_auth_mode` setting in the configuration file.
-
-| Value               | Behavior                                                   |
-| ------------------- | ---------------------------------------------------------- |
-| `disabled`          | Disable mTLS.                                              |
-| `relaxed` (default) | A client certificate is required, but it is not verified.  |
-| `enforced`          | Requires clients to supply a certificate that is verified. |
-
-```yaml
-tls_client_auth_mode: ""
-```