ningyougang commented on issue #2427: Support client certificate on cli and nginx URL: https://github.com/apache/incubator-openwhisk/pull/2427#issuecomment-311279664 This commit just increases the security of auth using `wsk -i property set --cert openwhisk-client-cert.pem --key openwhisk-client-key.pem --auth XXX...`.But for controller side, i don't know whether there has need to ignore --auth parameter verify if user passes client certificate. the whole logic may like this * When users execute `wsk -i property --cert cert.pem --key key.pem............`, the controller will ignore `--auth` verfiy, directly passed, because already verify client certificate by nginx, so there has no need to verify auth key. * When users execute `wsk -i property --auth ${auth}.....`, keep original logic not changed, the controller will verfiy the auth key. So, guys, what's your opinion for above controller side's logic for client certificate? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
With regards, Apache Git Services
