From e9efdcb3aaf2a64e94d0e2f6025bd9ff47582056 Mon Sep 17 00:00:00 2001 From: Gautier Delorme Date: Thu, 20 Oct 2022 23:09:59 +0200 Subject: [PATCH] update changelog Signed-off-by: Gautier Delorme --- changelogs/unreleased/4796-gautierdelorme-minor.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelogs/unreleased/4796-gautierdelorme-minor.md b/changelogs/unreleased/4796-gautierdelorme-minor.md index 04ff04f61f9..7e3da98a3f1 100644 --- a/changelogs/unreleased/4796-gautierdelorme-minor.md +++ b/changelogs/unreleased/4796-gautierdelorme-minor.md @@ -1,5 +1,5 @@ ## Optional Client Certificate Validation -By default, client certificates are required but some applications might support different authentication schemes. +By default, when client certificate validation is configured, client certificates are required. You can now set the `httpproxy.spec.virtualhost.tls.clientValidation.optionalClientCertificate` field to `true`. A client certificate will be requested, but the connection is allowed to continue if the client does not provide one. If a client certificate is sent, it will be verified according to the other properties, which includes disabling validations if `httpproxy.spec.virtualhost.tls.clientValidation.skipClientCertValidation` is set.