Changing client auth to verify if given to allow client
connections where client does not have a certificate
Issue-ID: AAF-93
Change-Id: Ifd8f59108536889bacb0fe1477dc1e1c8a0ff4dc
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
caCertPool.AppendCertsFromPEM(caCert)
tlsConfig = &tls.Config{
- ClientAuth: tls.RequireAndVerifyClientCert,
+ // Change to RequireAndVerify once we have mandatory certs
+ ClientAuth: tls.VerifyClientCertIfGiven,
ClientCAs: caCertPool,
MinVersion: tls.VersionTLS12,
}