refining
This commit is contained in:
Justin Angel
parent
9e619fc020
commit
5935b13b67
3 changed files with 33 additions and 9 deletions
19
docs/tls.md
19
docs/tls.md
|
|
@ -29,3 +29,22 @@ headscale can also be configured to expose its web service via TLS. To configure
|
|||
tls_cert_path: ""
|
||||
tls_key_path: ""
|
||||
```
|
||||
|
||||
### Configuring Mutual TLS Authentication (mTLS)
|
||||
|
||||
mTLS is a method by which an HTTPS server authenticates clients, e.g. Tailscale,
|
||||
using TLS certificates. The capability can be configured by by applying one of
|
||||
the following values to the `tls_client_auth_mode` setting in the configuration
|
||||
file.
|
||||
|
||||
| Value | Behavior |
|
||||
| ----- | -------- |
|
||||
| `disabled` | Disable mTLS (default). |
|
||||
| `relaxed` | A client certificate is required, but it is not verified. |
|
||||
| `enforced` | Requires clients to supply a certificate that is verified. |
|
||||
|
||||
|
||||
```yaml
|
||||
tls_client_auth_mode: ""
|
||||
```
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue