From b5a59d4e7acaef7e74b8015324cf77f7c59d150f Mon Sep 17 00:00:00 2001 From: Justin Angel Date: Mon, 21 Feb 2022 10:20:11 -0500 Subject: [PATCH] updating changelog and docs --- CHANGELOG.md | 2 ++ docs/tls.md | 15 ++++++--------- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 70bda12d..2aaf580b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ **TBD (TBD):** +- Add support for configurable mTLS [docs](docs/tls.md#configuring-mutual-tls-authentication-mtls) + **0.13.0 (2022-02-18):** **Features**: diff --git a/docs/tls.md b/docs/tls.md index d8371444..7dc322cd 100644 --- a/docs/tls.md +++ b/docs/tls.md @@ -32,16 +32,13 @@ tls_key_path: "" ### Configuring Mutual TLS Authentication (mTLS) -mTLS is a method by which an HTTPS server authenticates clients, e.g. Tailscale, -using TLS certificates. The capability can be configured by applying one of -the following values to the `tls_client_auth_mode` setting in the configuration -file. +mTLS is a method by which an HTTPS server authenticates clients, e.g. Tailscale, using TLS certificates. This can be configured by applying one of the following values to the `tls_client_auth_mode` setting in the configuration file. -| Value | Behavior | -| ---------- | ---------------------------------------------------------- | -| `disabled` | Disable mTLS (default). | -| `relaxed` | A client certificate is required, but it is not verified. | -| `enforced` | Requires clients to supply a certificate that is verified. | +| Value | Behavior | +| ------------------- | -----------------------------------------------------------| +| `disabled` | Disable mTLS. | +| `relaxed` (default) | A client certificate is required, but it is not verified. | +| `enforced` | Requires clients to supply a certificate that is verified. | ```yaml tls_client_auth_mode: ""