From d82be5c69e858239aa3810087a43d178d6101d69 Mon Sep 17 00:00:00 2001 From: Bernhard Reiter Date: Wed, 13 Apr 2022 17:59:16 +0200 Subject: [PATCH] Improve client cert setup instructions * Add hint that the used client certification is logged by default when accessing the upload interface of the provider. resolve #99 --- docs/client-certificate-setup.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/client-certificate-setup.md b/docs/client-certificate-setup.md index ab397ce..ac829c4 100644 --- a/docs/client-certificate-setup.md +++ b/docs/client-certificate-setup.md @@ -47,6 +47,11 @@ within the `csaf_provider`. To inspect the precise string of certain certificate, try it and check the logged value in the nginx log file, e.g. `/var/log/nginx/error.log`. +The *used personal client certificate will be logged by default*, +when accessing the csaf_provider uploading interface. +It is written to the nginx error log together with the connection information. +This is for auditing who did uploads. + Reload or restart nginx to apply the changes (e.g. `systemctl reload nginx` on Debian or Ubuntu.)