Mutual-tls (Section)#
Path: /profiles/profile{id, type}/settings/authorization-server/dynamic-client-registration/non-templatized/client-authentication-method/mutual-tls
When this is set, dynamically registered client can be authenticated with a client certificate. Depending on the profile settings, this is received through either mutual-tls or mutual-tls-by-proxy
Parameters#
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
| match-rdn | multi-value, union | optional | Attribute of the subject to match, instead of matching the full subject of the certificate. Could be used to allow a certificate to change, but allow a specific part to stay the same. If multiple attributes are configured, they all have to match. |
Subsections#
| Name | Type | Description |
|---|---|---|
| trusted-cas | Section | None |