Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-6840

Consider renaming the use-mutual-tls options in proxy

    Details

    • Type: Task
    • Status: Done
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: proxy
    • Labels:
      None

      Description

      As Matthew Swift said:

      To be fair, carole forel's confusion does highlight that the configuration model is a bit misleading. The term mTLS simply means that both the client and the server are exchanging their certificates at the TLS layer. However, this is enabled by specifying a key-manager and client cert alias. The use-mutual-tls option actually means use SASL/External authentication, which binds the TLS layer's client certificate to an LDAP application layer identity via a bind request.

      Hmmm. Maybe we should consider renaming the use-mutual-tls options to something like use-sasl-external?

      Ludovic Poitou proposed

      use-tls-authentication

       

        Attachments

          Activity

            People

            • Assignee:
              cforel carole forel
              Reporter:
              cforel carole forel
              Dev Assignee:
              Matthew Swift
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: