Add optional tls verification (#7502)

Adds an `optional` value to the previously boolean `tls-auth-clients` configuration keyword. Co-authored-by: Yossi Gottlieb <yossigo@gmail.com>
author: Jiayuan Chen <mrpre@163.com> 2020-07-28 15:45:21 +0800
committer: GitHub <noreply@github.com> 2020-07-28 10:45:21 +0300
commit: f31260b0445f5649449da41555e1272a40ae4af7 (patch)
tree: ce0e7f9244ef06038c58d2cbb921f705251836c6 /redis.conf
parent: 5f4a2801cb2eb42c2ed5c3ebe1b357147779963d (diff)
download: redis-f31260b0445f5649449da41555e1272a40ae4af7.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/redis.conf b/redis.conf
index 8c53f015a..d4e3e47f0 100644
--- a/redis.conf
+++ b/redis.conf
@@ -159,9 +159,12 @@ tcp-keepalive 300
 # By default, clients (including replica servers) on a TLS port are required
 # to authenticate using valid client side certificates.
 #
-# It is possible to disable authentication using this directive.
+# If "no" is specified, client certificates are not required and not accepted.
+# If "optional" is specified, client certificates are accepted and must be
+# valid if provided, but are not required.
 #
 # tls-auth-clients no
+# tls-auth-clients optional
 
 # By default, a Redis replica does not attempt to establish a TLS connection
 # with its master.
author	Jiayuan Chen <mrpre@163.com>	2020-07-28 15:45:21 +0800
committer	GitHub <noreply@github.com>	2020-07-28 10:45:21 +0300
commit	f31260b0445f5649449da41555e1272a40ae4af7 (patch)
tree	ce0e7f9244ef06038c58d2cbb921f705251836c6 /redis.conf
parent	5f4a2801cb2eb42c2ed5c3ebe1b357147779963d (diff)
download	redis-f31260b0445f5649449da41555e1272a40ae4af7.tar.gz