|
|
|
|
@ -58,9 +58,9 @@ typedef enum { |
|
|
|
|
|
|
|
|
|
typedef enum { |
|
|
|
|
/** Server does not request client certificate.
|
|
|
|
|
The certificate presented by the client is not checked by the server at all. |
|
|
|
|
(A client may present a self signed or signed certificate or not present a certificate at all and any of |
|
|
|
|
those option would be accepted) */ |
|
|
|
|
The certificate presented by the client is not checked by the server at |
|
|
|
|
all. (A client may present a self signed or signed certificate or not |
|
|
|
|
present a certificate at all and any of those option would be accepted) */ |
|
|
|
|
GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, |
|
|
|
|
/** Server requests client certificate but does not enforce that the client
|
|
|
|
|
presents a certificate. |
|
|
|
|
@ -69,19 +69,19 @@ typedef enum { |
|
|
|
|
the application (the necessary metadata will be available to the |
|
|
|
|
application via authentication context properties, see grpc_auth_context). |
|
|
|
|
|
|
|
|
|
The client's key certificate pair must be valid for the SSL connection to be |
|
|
|
|
established. */ |
|
|
|
|
The client's key certificate pair must be valid for the SSL connection to |
|
|
|
|
be established. */ |
|
|
|
|
GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, |
|
|
|
|
/** Server requests client certificate but does not enforce that the client
|
|
|
|
|
presents a certificate. |
|
|
|
|
|
|
|
|
|
If the client presents a certificate, the client authentication is done by |
|
|
|
|
the gRPC framework. (For a successful connection the client needs to either |
|
|
|
|
present a certificate that can be verified against the root certificate configured by the server |
|
|
|
|
or not present a certificate at all) |
|
|
|
|
present a certificate that can be verified against the root certificate |
|
|
|
|
configured by the server or not present a certificate at all) |
|
|
|
|
|
|
|
|
|
The client's key certificate pair must be valid for the SSL connection to be |
|
|
|
|
established. */ |
|
|
|
|
The client's key certificate pair must be valid for the SSL connection to |
|
|
|
|
be established. */ |
|
|
|
|
GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, |
|
|
|
|
/** Server requests client certificate and enforces that the client presents a
|
|
|
|
|
certificate. |
|
|
|
|
@ -90,18 +90,18 @@ typedef enum { |
|
|
|
|
the application (the necessary metadata will be available to the |
|
|
|
|
application via authentication context properties, see grpc_auth_context). |
|
|
|
|
|
|
|
|
|
The client's key certificate pair must be valid for the SSL connection to be |
|
|
|
|
established. */ |
|
|
|
|
The client's key certificate pair must be valid for the SSL connection to |
|
|
|
|
be established. */ |
|
|
|
|
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY, |
|
|
|
|
/** Server requests client certificate and enforces that the client presents a
|
|
|
|
|
certificate. |
|
|
|
|
|
|
|
|
|
The cerificate presented by the client is verified by the gRPC framework. |
|
|
|
|
(For a successful connection the client needs to present a certificate that can be verified against |
|
|
|
|
the root certificate configured by the server) |
|
|
|
|
(For a successful connection the client needs to present a certificate that |
|
|
|
|
can be verified against the root certificate configured by the server) |
|
|
|
|
|
|
|
|
|
The client's key certificate pair must be valid for the SSL connection to be |
|
|
|
|
established. */ |
|
|
|
|
The client's key certificate pair must be valid for the SSL connection to |
|
|
|
|
be established. */ |
|
|
|
|
GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY |
|
|
|
|
} grpc_ssl_client_certificate_request_type; |
|
|
|
|
|
|
|
|
|
|
Jan Tattermusch
7 years ago