ningyougang commented on issue #2517: Support client certificate verify on server side URL: https://github.com/apache/incubator-openwhisk/pull/2517#issuecomment-317988650 ``` I wonder if the documentation for how to set up the client based authentication belongs in the same place our docs talk about ssl certificates in general - so that the CLI doc is strictly about the CLI not a deployment. ``` Answer: openwhisk itself doens't care how to generate client certificate(genssh.sh just an example), it just provide a entry point configuration to how to use it, so openwhisk users(for example:a company) just configure `nginx.ssl.client_ca_cert` to `their own client ca path`, and create every client certificate(cert/key) for its employees. So employee can download its own client certificate(cert/key) from somewhere(may be download url), and use `wsk -i property set --cert <cert> --key <key> XXX` can access openwhisk env. So i will improve the docs. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
With regards, Apache Git Services
