gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-14 10:10:42 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
aff10aa16b0cd4c40dcafe4eb366770fd41d64cd
nats-server/test/configs/tls_cert_id.conf
Derek Collison 7978d8e667 Support for mapping user from TLS client certificate 
Signed-off-by: Derek Collison <derek@nats.io>
2018-12-20 07:51:43 -08:00

25 lines
622 B
Plaintext
Raw Blame History

# TLS config file
# We require client certs and pull the user from the cert itself.
listen: 127.0.0.1:9333
tls {
# Server cert
cert_file: "./configs/certs/server-cert.pem"
# Server private key
key_file: "./configs/certs/server-key.pem"
# Specified time for handshake to complete
timeout: 2
# Optional certificate authority for clients
ca_file: "./configs/certs/ca.pem"
# Require a client certificate and map user id from certificate
verify_and_map: true
}
# User authenticated from above in certificate.
authorization {
users = [
{user: derek@nats.io, permissions: { publish:"foo" }}
]
}
Reference in New Issue View Git Blame Copy Permalink