"cert_required" property configurable per path (not only for the whole Host)
juanjoku opened this issue · comments
Please describe your use case / problem.
Currently, Emissary allows configuring the "cert_required" property for each Host (well, or for a TLSContext configured for a Host).
But it may be interesting that this "cert_required" can be configured for specific paths within the host.
For example:
- https://my.company.com/private requires a valid client certificate
- https://my.company.com/public doesnt require a valid client certificate
Describe the solution you'd like
Allow, at the Mapping level, to indicate whether the client certificate is optional or required.
Or is this feasible with Emisary, and I have not found how do it? !!
Additional context
For example, this is possible using NGINX (its equivalent "ssl_verify_client" property can be adjusted for each path in the same host)