3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-02 00:10:45 +02:00
Code Issues Projects Releases Packages Wiki Activity

add a comment about TLSDownstreamClientCAFile

Browse source
This commit is contained in:
Kenneth Jenkins 2023-07-20 15:55:22 -07:00
parent fb30f3f023
commit d0d2a1fc4e
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
config/envoyconfig/listeners.go
View file

@ -577,6 +577,9 @@ func clientCABundle(ctx context.Context, cfg *config.Config) []byte {
allPolicies := cfg.Options.GetAllPolicies()
for i := range allPolicies {
p := &allPolicies[i]
// We don't need to check TLSDownstreamClientCAFile here because
// Policy.Validate() will populate TLSDownstreamClientCA when
// TLSDownstreamClientCAFile is set.
if p.TLSDownstreamClientCA == "" {
continue
}