shinrich commented on a change in pull request #7130:
URL: https://github.com/apache/trafficserver/pull/7130#discussion_r477338853
##########
File path: doc/admin-guide/files/sni.yaml.en.rst
##########
@@ -69,11 +69,22 @@ verify_server_properties One of the values :code:`NONE`,
:code:`SIGNATURE`, :co
verify_client One of the values :code:`NONE`, :code:`MODERATE`, or
:code:`STRICT`.
If ``NONE`` is specified, |TS| requests no
certificate. If ``MODERATE`` is specified
|TS| will verify a certificate that is presented by
the client, but it will not
- fail the TLS handshake if new certificate is
presented. If ``STRICT`` is specified
+ fail the TLS handshake if no certificate is
presented. If ``STRICT`` is specified
the client must resent a certificate during the TLS
handshake.
By default this is
:ts:cv:`proxy.config.ssl.client.certification_level`.
+verify_client_ca_certs Specifies an alternate set of certificate authority
certs to use to verify the
Review comment:
I assume this argument is optional.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
