Feature request: option to enable nsSSLClientAuth #27
Labels
enhancement
New feature or request
good first issue
Good for newcomers
help wanted
Extra attention is needed
Comments
|
While I don't have time in the short term to work on this, I'd gladly accept a pull request. The extra variable is probably the best approach, just set "off" as the default. Even better would be figuring out if this is actually needed/recommended. For example, here it's recommended: https://directory.fedoraproject.org/docs/389ds/howto/howto-ssl.html, while here it just says the default is "allowed": https://access.redhat.com/documentation/en-us/red_hat_directory_server/11/html-single/configuration_command_and_file_reference/index#nsSSLClientAuth, if leaving "allowed" has no downsides compared to "off" that task could be removed entirely. |
lvps
added
help wanted
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I see nsSSLClientAuth gets turned off in tasks/configure_tls.yml.
In my use case I need ssl client auth to setup replication agreements, based on host certificates (rather than user/pass).
It would be nice to have an option to override this setting (maybe an extra variable: dirsrv_sslclientauth)
Thanks
The text was updated successfully, but these errors were encountered: