Reference documentation and code samples for the Network Security V1 API module Google::Cloud::NetworkSecurity::V1::ServerTlsPolicy::MTLSPolicy::ClientValidationMode.
Mutual TLS certificate validation mode.
Constants
CLIENT_VALIDATION_MODE_UNSPECIFIED
value: 0
Not allowed.
ALLOW_INVALID_OR_MISSING_CLIENT_CERT
value: 1
Allow connection even if certificate chain validation
of the client certificate failed or no client certificate was
presented. The proof of possession of the private key is always checked
if client certificate was presented. This mode requires the backend to
implement processing of data extracted from a client certificate to
authenticate the peer, or to reject connections if the client
certificate fingerprint is missing.
REJECT_INVALID
value: 2
Require a client certificate and allow connection to the backend only
if validation of the client certificate passed.
If set, requires a reference to non-empty TrustConfig specified in
client_validation_trust_config.