]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7fb3442) | patch
MEDIUM: ssl: add client certificate authentication support
authorEmeric Brun <ebrun@exceliance.fr>
Thu, 20 Sep 2012 16:23:56 +0000 (18:23 +0200)
committerWilly Tarreau <w@1wt.eu>
Tue, 2 Oct 2012 06:04:49 +0000 (08:04 +0200)
commitd94b3fe98f92a5f95a078a8f53e24bd0a02eff02
tree8baacd58227889b02c7c1ba22aa9f14770397714tree | snapshot
parent7fb34422fe97706916acea059343cc21a9d6e5efcommit | diff
MEDIUM: ssl: add client certificate authentication support

Add keyword 'verify' on bind:
'verify none': authentication disabled (default)
'verify optional': accept connection without certificate
                   and process a verify if the client sent a certificate
'verify required': reject connection without certificate
                   and process a verify if the client send a certificate

Add keyword 'cafile' on bind:
'cafile <path>' path to a client CA file used to verify.
'crlfile <path>' path to a client CRL file used to verify.
include/types/listener.h diff | blob | blame | history
src/cfgparse.c diff | blob | blame | history
src/haproxy.c diff | blob | blame | history
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git