SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Add example to README (client-certificate-setup.md)

Browse source
This commit is contained in:
Fadi Abbud 2022-03-24 09:36:59 +01:00
parent 1d7e7a3124
commit 1a2af34df0
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/client-certificate-setup.md
View file

@ -37,7 +37,7 @@ differently, you could use several location blocks
each which a single `if` that matches the `$ssl_client_i_dn` variable each which a single `if` that matches the `$ssl_client_i_dn` variable
to CAs that you would want to allow for that location. to CAs that you would want to allow for that location.
If you want to allow the access to the web-interface of the provider for some TLS client certificates, the CA issuer of these certificates should be assigned to the `issuer` key in the `/user/lib/csaf/config.toml` file. If you want to restrict the access to the web-interface of the `csaf_provider` for only some TLS client certificates, the CA issuer of these certificates should be assigned to the `issuer` key in the `/user/lib/csaf/config.toml` file e.g. `issuer = "C=DE,O=CSAF Tools Development (internal),CN=Tester" `.
Reload or restart nginx to apply the changes (e.g. `systemctl reload nginx` Reload or restart nginx to apply the changes (e.g. `systemctl reload nginx`
on Debian or Ubuntu.) on Debian or Ubuntu.)