mTLS on bmcweb
Zhenfei Tai
ztai at google.com
Thu Apr 23 07:58:06 AEST 2020
Hi,
I'm trying out bmcweb mTLS which should be enabled by default by
https://github.com/openbmc/bmcweb/blob/master/CMakeLists.txt#L89
In my test, I created a self signed key and certificate pair, stacked them
up into server.pem in /etc/ssl/certs/https that bmcweb uses.
However when I tried to curl bmcweb service, I was able to get response by
only supplying the cert.
curl --cacert cert.pem https://${bmc}/redfish/v1
With the mTLS enabled, I expected it should error out since no client
certificate is provided.
Could someone with relevant knowledge help with my question?
Thanks,
Zhenfei
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20200422/252be5d2/attachment.htm>
More information about the openbmc
mailing list