mirror of https://github.com/status-im/consul.git
Add extra clarification around verify_incoming_https for localhost
In many cases access to localhost is restricted to trusted/privellged actors only
This commit is contained in:
parent
84a345324c
commit
e0a9e329e5
|
@ -78,7 +78,8 @@ environment and adapt these configurations accordingly.
|
||||||
HTTPS API.
|
HTTPS API.
|
||||||
|
|
||||||
- [`verify_incoming_https`](/docs/agent/options#verify_incoming_https) - By default this is false, and should be set
|
- [`verify_incoming_https`](/docs/agent/options#verify_incoming_https) - By default this is false, and should be set
|
||||||
to true to require clients to provide a valid TLS certificate when the Consul HTTPS API is enabled.
|
to true to require clients to provide a valid TLS certificate when the Consul HTTPS API is enabled. TLS for the API
|
||||||
|
may be not be necessary if it is exclusively served over a loopback interface such as `localhost`.
|
||||||
|
|
||||||
- [`verifing_incoming_rpc`](/docs/agent/options#verify_incoming_rpc) - By default this is false, and should almost
|
- [`verifing_incoming_rpc`](/docs/agent/options#verify_incoming_rpc) - By default this is false, and should almost
|
||||||
always be set to true to require clients to provide a valid TLS certificate for Consul agent RPCs.
|
always be set to true to require clients to provide a valid TLS certificate for Consul agent RPCs.
|
||||||
|
|
Loading…
Reference in New Issue