You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, TLS Mutual Authentication is an "all or nothing" switch - if I have multiple SNI's and set ClientCAFiles (at the entrypoint definition level), then every SNI requires client auth. I think it would make sense to make the entry relative, so that I can have some SSL entrypoints require tls mutual auth and some that do not.
Do you want to request a feature or report a bug?
I am requesting a feature.
What did you do?
Currently, TLS Mutual Authentication is an "all or nothing" switch - if I have multiple SNI's and set ClientCAFiles (at the entrypoint definition level), then every SNI requires client auth. I think it would make sense to make the entry relative, so that I can have some SSL entrypoints require tls mutual auth and some that do not.
Here is a simple example of what I am thinking:
In the config above, clientCAFiles would apply only to the first SNI (server1), but not the 2nd (server2).
What did you expect to see?
I would expect to be able to use ClientCAFiles in a way that is not an "all or nothing" switch.
What did you see instead?
using ClientCAFiles means that everything in that entrypoint uses it, or nothing does.
Output of
traefik version
: (What version of Traefik are you using?)What is your environment & configuration (arguments, toml, provider, platform, ...)?
The text was updated successfully, but these errors were encountered: