Created Target TLS options (markdown)

2025-02-23 15:06:28 +08:00 · 2022-07-23 23:18:52 +02:00 · 2022-07-23 23:18:52 +02:00 · 29f6b05978
commit 29f6b05978
parent 1d6909715b
1 changed files with 47 additions and 0 deletions
--- a/Target-TLS-options.md
+++ b/Target-TLS-options.md
@ -0,0 +1,47 @@
+For HTTPS and MySQL targets, you can control how Warpgate secures its own connection to the target.
+
+By default, Warpgate will prefer a secure connection and will validate the server's certificate.
+
+The `tls` key accepts following options:
+
+```yaml
+    tls:
+      mode: preferred|disabled|required
+      verify: true|false
+```
+
+## Example: forcing a secure connection
+
+```yaml
+- name: secure-web-service
+  allow_roles: ['warpgate:admin']
+  http:
+    url: https://10.0.0.1
+    tls:
+      mode: required
+      verify: true
+```
+
+## Example: forcing insecure connection
+
+```yaml
+- name: db
+  allow_roles: ['warpgate:admin']
+  mysql:
+    host: 10.0.0.1
+    username: dev
+    password: '123'
+    tls:
+      mode: disabled
+```
+
+## Example: allowing self-signed certificates
+
+```yaml
+- name: insecure-web-service
+  allow_roles: ['warpgate:admin']
+  http:
+    url: https://10.0.0.1
+    tls:
+      verify: false
+```