bneradt commented on code in PR #12114: URL: https://github.com/apache/trafficserver/pull/12114#discussion_r2008097486
########## doc/admin-guide/files/sni.yaml.en.rst: ########## @@ -136,15 +136,15 @@ verify_server_properties Outbound One of the values :code:`NONE By default this is :ts:cv:`proxy.config.ssl.client.verify.server.properties`. This controls what |TS| checks when evaluating the origin certificate. -verify_client Outbound One of the values :code:`NONE`, :code:`MODERATE`, or :code:`STRICT`. +verify_client Inbound One of the values :code:`NONE`, :code:`MODERATE`, or :code:`STRICT`. If ``NONE`` is specified, |TS| requests no certificate. If ``MODERATE`` is specified |TS| will verify a certificate that is presented by the client, but it will not fail the TLS handshake if no certificate is presented. If ``STRICT`` is specified the client must present a certificate during the TLS handshake. By default this is :ts:cv:`proxy.config.ssl.client.certification_level`. -verify_client_ca_certs Both Specifies an alternate set of certificate authority certs to use to verify the +verify_client_ca_certs Inbound Specifies an alternate set of certificate authority certs to use to verify the Review Comment: @masaori335 : you have thoughts? It could be I'm missing something. Should `verify_client_ca_certs` be `Both` instead of `Inbound`? Thanks. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: github-unsubscr...@trafficserver.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org