|
|
|
|
@ -105,6 +105,16 @@ environment and adapt these configurations accordingly.
|
|
|
|
|
[CVE-2018-19653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19653) for more details. This is fixed
|
|
|
|
|
in 1.4.1.
|
|
|
|
|
|
|
|
|
|
- [`auto_encrypt`](/docs/agent/options#auto_encrypt) - Enables automated TLS certificate distribution for client
|
|
|
|
|
agent RPC communication using the Connect CA. Using this configuration a [`ca_file`](/docs/agent/options#ca_file)
|
|
|
|
|
and ACL token would still need to be distributed to client agents.
|
|
|
|
|
|
|
|
|
|
- [`allow_tls`](/docs/agent/options#allow_tls) - By default this is false, and should be set to true on server
|
|
|
|
|
agents to allow certificates to be automatically generated and distributed from the Connect CA to client agents.
|
|
|
|
|
|
|
|
|
|
- [`tls`](/docs/agent/options#tls) - By default this false, and should be set to true on client agents to
|
|
|
|
|
automatically request a client TLS certificate from the server's Connect CA.
|
|
|
|
|
|
|
|
|
|
**Example Server Agent TLS Configuration**
|
|
|
|
|
|
|
|
|
|
```hcl
|
|
|
|
|
|
Kent 'picat' Gruber
4 years ago