diff options
| author | Chris Lu <chrislusf@users.noreply.github.com> | 2021-03-10 11:17:49 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-10 11:17:49 -0800 |
| commit | 105fcd7bfcd10a185f38abe04a4158327e082a8e (patch) | |
| tree | f31d944d47452fe10354cf2fe579b0a51026067e /weed/command/scaffold.go | |
| parent | 737bde5ab7bcd83002127ccc0adf07839602f714 (diff) | |
| parent | 348e21a08ccc52f6837613e7765e9d815850bd6c (diff) | |
| download | seaweedfs-105fcd7bfcd10a185f38abe04a4158327e082a8e.tar.xz seaweedfs-105fcd7bfcd10a185f38abe04a4158327e082a8e.zip | |
Merge pull request #1872 from kmlebedev/grpc_auth
TLS allowed CommonNames
Diffstat (limited to 'weed/command/scaffold.go')
| -rw-r--r-- | weed/command/scaffold.go | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/weed/command/scaffold.go b/weed/command/scaffold.go index c2d53e4bd..07d448042 100644 --- a/weed/command/scaffold.go +++ b/weed/command/scaffold.go @@ -440,22 +440,28 @@ expires_after_seconds = 10 # seconds # the host name is not checked, so the PERM files can be shared. [grpc] ca = "" +# Set wildcard domain for enable TLS authentication by common names +allowed_wildcard_domain = "" # .mycompany.com [grpc.volume] cert = "" key = "" +allowed_commonNames = "" # comma-separated SSL certificate common names [grpc.master] cert = "" key = "" +allowed_commonNames = "" # comma-separated SSL certificate common names [grpc.filer] cert = "" key = "" +allowed_commonNames = "" # comma-separated SSL certificate common names [grpc.msg_broker] cert = "" key = "" +allowed_commonNames = "" # comma-separated SSL certificate common names # use this for any place needs a grpc client # i.e., "weed backup|benchmark|filer.copy|filer.replicate|mount|s3|upload" @@ -463,7 +469,6 @@ key = "" cert = "" key = "" - # volume server https options # Note: work in progress! # this does not work with other clients, e.g., "weed filer|mount" etc, yet. |