- Property Manager name: Client certificate
- Criteria version: The
v2024-05-31
rule format supports theclient_certificate
criteria v1.2. - Rule format status: GA, stable
- Access: Read/Write
- Allowed in includes: Yes
Matches whether you have configured a client certificate to authenticate requests to edge servers.
Option | Type | Description | Requires | |
---|---|---|---|---|
is_certificate_present | boolean | Executes rule behaviors only if a client certificate authenticates requests. | {"displayType":"boolean","tag":"input","type":"checkbox"} | |
is_certificate_valid | enum | Matches whether the certificate is | is_certificate_present is true | {"displayType":"enum","options":["VALID","INVALID","IGNORE"],"tag":"select"} {"if":{"attribute":"isCertificatePresent","op":"eq","value":true}} |
VALID | Match when the certificate is valid. | |||
INVALID | Match when the certificate is invalid. | |||
IGNORE | Ignores the certificate's is valid. | |||
enforce_mtls | boolean | Specifies custom handling of requests if any of the checks in the | {"displayType":"boolean","tag":"input","type":"checkbox"} {"if":{"op":"and","params":[{"op":"or","params":[{"attribute":"isCertificateValid","op":"eq","value":"VALID"},{"attribute":"isCertificateValid","op":"eq","value":"INVALID"}]},{"attribute":"modulesOnContract","op":"contains","scope":"global","value":"mTLS_client_to_edge"}]}} |