Skip to content

v6.2.0
Compare
Choose a tag to compare
@panva panva released this 21 Jul 12:24
v6.2.0
4e28623

Features

  • mTLS stable release candidate (a999452)

Notes

Mutual TLS related draft features and configuration was refactored to enable mTLS with various other deployment setups.

  1. the SAN based tls_client_auth_* client properties are now supported
  2. features.certificateBoundAccessTokens is now enabled via features.mTLS
  3. self_signed_tls_client_auth is now enabled via features.mTLS but still whitelisted via *EndpointAuthMethods
  4. tls_client_auth is now enabled via features.mTLS but still whitelisted via *EndpointAuthMethods
  5. three helper methods now must be configured in the features.mTLS namespace - getCertificate to get the PEM certificate value, certificateAuthorized to determine if the client certificate is verified and comes from a trusted CA and certificateSubjectMatches for matching a registered client value with whats in the certificate.
Assets 2
Loading