summaryrefslogtreecommitdiffstats
path: root/docs/sections/services/ves-http/tls-authentication.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/sections/services/ves-http/tls-authentication.rst')
-rw-r--r--docs/sections/services/ves-http/tls-authentication.rst20
1 files changed, 2 insertions, 18 deletions
diff --git a/docs/sections/services/ves-http/tls-authentication.rst b/docs/sections/services/ves-http/tls-authentication.rst
index 1ace3937..12301383 100644
--- a/docs/sections/services/ves-http/tls-authentication.rst
+++ b/docs/sections/services/ves-http/tls-authentication.rst
@@ -22,18 +22,10 @@ Of course, mutual TLS authentication requires also server certificates, so follo
* *collector.keystore.file.location* - a path to jks key store containing certificates which can be used for TLS handshake
* *collector.keystore.passwordfile* - a path to file containing a password for the key store
-Property *auth.method* is used to manage security mode, possible configuration: noAuth, basicAuth, certOnly, certBasicAuth
+Property *auth.method* is used to manage security mode, possible configuration: noAuth, certBasicAuth
* *auth.method=noAuth* default option - no security (http)
- * *auth.method=certOnly* is used to enable mutual TLS authentication (https)
-
- * client without cert and without basic auth = :red:`Authentication failure`
- * client without cert and wrong basic auth = :red:`Authentication failure`
- * client without cert and correct basic auth = :red:`Authentication failure`
- * client with cert and without/wrong basic auth = :green:`Authentication successful`
- * client with cert and correct basic auth = :green:`Authentication successful`
-
* *auth.method=certBasicAuth* is used to enable mutual TLS authentication or/and basic HTTPs authentication
* client without cert and without basic auth = :red:`Authentication failure`
@@ -42,13 +34,5 @@ Property *auth.method* is used to manage security mode, possible configuration:
* client with cert and without/wrong basic auth = :green:`Authentication successful`
* client with cert and correct basic auth = :green:`Authentication successful`
- * *auth.method=basicAuth* is used to enable basic HTTPs authentication
-
- * client without cert and without basic auth = :red:`Authentication failure`
- * client without cert and wrong basic auth = :red:`Authentication failure`
- * client without cert and correct basic auth = :green:`Authentication successful`
- * client with cert and without/wrong basic auth = :red:`Authentication failure`
- * client with cert and correct basic auth = :green:`Authentication successful`
-
-When application is in certOnly or certBasicAuth mode then certificates are also validated by regexp in /etc/certSubjectMatcher.properties,
+When application is in certBasicAuth mode then certificates are also validated by regexp in /etc/certSubjectMatcher.properties,
only SubjectDn field in certificate description are checked. Default regexp value is .* means that we approve all SubjectDN values.