This version (2017/05/27 13:44) is a draft.
Approvals: 0/1

[09:39:52] *** ChanServ sets mode: +o temporalfox

[12:18:36] <GregG> hi Guys, a very quick question related to vertx-web

[12:19:03] <GregG> is there a simple configuration option for vertx server to switch on mutual TLS ?

[12:19:23] <GregG> or would I have to implement another authorization mechanism for this ?

[12:29:27] <Sticky> if you set the trust store, in HttpServerOptions there is setClientAuth, that I believe requires connections to have a client cert that can be verified by a cert in the trust store

[12:30:33] <Sticky> is there a difference between “mutual TLS” and requiring incoming connections to have a client cert?

[15:16:57] <GregG> I don't think there is a difference

[15:17:38] <GregG> well, the only bit I would say is that the Server would need to have the client certificate somewhere (trustostore, etc.) so it could be validated

[15:18:10] <GregG> this way, only clients which are pre-approved (so server has their certificates) would be able to connect

[15:21:08] <Sticky> yeah HttpServerOptions has a trust store for that

[15:21:36] <GregG> thanks @Sticky :)