Over HTTPS, sources should be able to use a certificate instead of a username and password. When configuring the source, you will need to specify the expected Common Name (CN) of the certificate and decide how the certificate should be validated (single CA certificate, path to a bundle, system default).
Database
The source table gets two new columns:
client_certificate_cn varchar(64) DEFAULT NULLca_bundle_path text DEFAULT NULL COMMENT "System default bundle if NULL"
Maintenance
As in #388 this is up to the administrator which is why the reference to the CA certificate or bundle can only be a path to ease rotating it automatically.
Over HTTPS, sources should be able to use a certificate instead of a username and password. When configuring the source, you will need to specify the expected Common Name (CN) of the certificate and decide how the certificate should be validated (single CA certificate, path to a bundle, system default).
Database
The
sourcetable gets two new columns:client_certificate_cn varchar(64) DEFAULT NULLca_bundle_path text DEFAULT NULL COMMENT "System default bundle if NULL"Maintenance
As in #388 this is up to the administrator which is why the reference to the CA certificate or bundle can only be a path to ease rotating it automatically.