It is *mutual auth*. Both server and client validate either's key. I should have mentioned "in addition to...."
Sai On Fri, Dec 21, 2018 at 7:54 AM aashish choudhary < [email protected]> wrote: > So it's not mutual authentication? Both the parties are not validating > each other only server is validating client's key if I my understanding is > correct. > > > With best regards, > Ashish > > On Fri, Dec 21, 2018, 1:29 AM Sai Boorlagadda <[email protected] > wrote: > >> Hello Aashish, >> >> When ssl-require-authentication is set allows servwrs to validate >> client's public key, which also requires you to include the CA in server's >> trust store using which client public key is signed. >> >> Sai >> >> On Thu, Dec 20, 2018, 10:43 AM aashish choudhary < >> [email protected] wrote: >> >>> We wanted to implement two way ssl with geode and needed some >>> understanding on ssl property ssl-require-authentication. As per docs >>> *ssl-require-authentication*Requires two-way authentication, applies to >>> all components except web. Boolean - if true (the default), two-way >>> authentication is required. >>> So if we set this as true it will only verify the trust chain or some >>> public key stuff for both client and server will get verified in this >>> authentication. >>> >>> >>> Thanks, >>> Ashish >>> >>
