zrhoffman opened a new issue, #7503: URL: https://github.com/apache/trafficcontrol/issues/7503
<!-- ************ STOP!! ************ If this issue identifies a security vulnerability, DO NOT submit it! Instead, contact the Apache Traffic Control Security Team at [email protected] and follow the guidelines at https://apache.org/security regarding vulnerability disclosure. - For *SUPPORT QUESTIONS*, use the #traffic-control channel on the ASF slack (https://s.apache.org/tc-slack-request) or the Traffic Control Users mailing list (send an email to [email protected] to subscribe). - Before submitting, please **SEARCH GITHUB** for a similar issue or PR * https://github.com/apache/trafficcontrol/issues * https://github.com/apache/trafficcontrol/pulls --> <!-- Do not submit security vulnerabilities or support requests here - see above --> ## This Feature Request affects these Traffic Control components: - Automation - Ansible Roles ## Description <!-- Describe how the current ATC features are insufficient and how this new feature would improve Traffic Control --> #7392 added support for certificate-based authentication in Traffic Ops. In `cdn.conf`, that meant * Enabling `ClientAuth` in the `"tls_config"` section https://github.com/apache/trafficcontrol/blob/bf3487cdf484ec30cacdb7bcebff75ab5e81bbdd/traffic_ops/app/conf/cdn.conf#L44 * Adding a new `"client_certificate_authentication"` section https://github.com/apache/trafficcontrol/blob/bf3487cdf484ec30cacdb7bcebff75ab5e81bbdd/traffic_ops/app/conf/cdn.conf#L107-L109 These changes need to be made in [`/infrastructure/ansible/roles/traffic_ops/templates/cdn.conf.j2`](https://github.com/apache/trafficcontrol/blob/bf3487cdf484ec30cacdb7bcebff75ab5e81bbdd/infrastructure/ansible/roles/traffic_ops/templates/cdn.conf.j2), as well. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
