Code Review / aaf / sms.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Changing client auth method to verify if given
[aaf/sms.git] / sms-service / src / sms / auth / auth.go
diff --git a/sms-service/src/sms/auth/auth.go b/sms-service/src/sms/auth/auth.go
index ad5afdc..dc5c7bf 100644 (file)
--- a/sms-service/src/sms/auth/auth.go
+++ b/sms-service/src/sms/auth/auth.go
@@ -45,7 +45,8 @@ func GetTLSConfig(caCertFile string) (*tls.Config, error) {
                caCertPool.AppendCertsFromPEM(caCert)
 
                tlsConfig = &tls.Config{
-                       ClientAuth: tls.RequireAndVerifyClientCert,
+                       // Change to RequireAndVerify once we have mandatory certs
+                       ClientAuth: tls.VerifyClientCertIfGiven,
                        ClientCAs:  caCertPool,
                        MinVersion: tls.VersionTLS12,
                }
Secret Management Service that will contain the webservice as well as client code for managing and accessing secrets.