SSL Client Authentication (SSLCAUTH)
This attribute specifies whether the channel needs to receive and authenticate a TLS certificate from a TLS client.
Possible values are:
- OPTIONAL
- If the peer TLS client sends a certificate, the certificate is processed as normal but authentication does not fail if no certificate is sent.
- REQUIRED
- If the TLS client does not send a certificate, authentication fails.
The default value is REQUIRED.
We can specify a value for SSLCAUTH on a non-TLS channel definition. That is, a channel definition on which the SSLCIPH attribute is missing or blank. We can temporarily disable TLS for debugging by setting the value of SSLCAUTH to OPTIONAL. Therefore we do not have to clear and then re-input the TLS parameters.
SSLCAUTH is an optional attribute.
This attribute is valid on all channel types that can ever receive a channel initiation flow, except for sender channels.
This attribute is valid for channel types of:
- Server
- Receiver
- Requester
- Server connection
- Cluster receiver
For more information about SSLCAUTH, see DEFINE CHANNEL (MQTT) and Securing.