Client-authenicated TLS handshake with relayd

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Client-authenicated TLS handshake with relayd

Paul Pace
Hello!

I am putting a small server behind Cloudflare that currently is
configured to serve everything through relayd.

I want to use their option of client-authenticated TLS handshakes, but I
can't see a way to do it with relayd - is this possible?

It does look like I could use httpd tls client ca option (assuming I'm
understanding the man page), which I can use if relayd doesn't support this.

Thank you!

Paul

Reply | Threaded
Open this post in threaded view
|

Re: Client-authenicated TLS handshake with relayd

Jean-Pierre de Villiers
In relayd.conf(5) it is explained that using the 'forward' statement
with the 'with tls' directive enables client-side TLS mode.  Refer to
the aforementioned manual page for the exact syntax.  Remember that you
can check the syntax by running 'relayd -n'.

Regards,
Jean-Pierre

On 21/02/19 12:15pm, Paul Pace wrote:

> Hello!
>
> I am putting a small server behind Cloudflare that currently is configured
> to serve everything through relayd.
>
> I want to use their option of client-authenticated TLS handshakes, but I
> can't see a way to do it with relayd - is this possible?
>
> It does look like I could use httpd tls client ca option (assuming I'm
> understanding the man page), which I can use if relayd doesn't support this.
>
> Thank you!
>
> Paul
>