diff --git a/docs/content/middlewares/forwardauth.md b/docs/content/middlewares/forwardauth.md index 9b9f7678e..39ae2220d 100644 --- a/docs/content/middlewares/forwardauth.md +++ b/docs/content/middlewares/forwardauth.md @@ -206,7 +206,7 @@ The `tls` option is the TLS configuration from Traefik to the authentication ser #### `tls.ca` -TODO add description. +Certificate Authority used for the secured connection to the authentication server. ```yaml tab="Docker" labels: @@ -266,7 +266,12 @@ http: #### `tls.caOptional` -TODO add description. +Policy used for the secured connection with TLS Client Authentication to the authentication server. +Requires `tls.ca` to be defined. + +- `true`: VerifyClientCertIfGiven +- `false`: RequireAndVerifyClientCert +- if `tls.ca` is undefined NoClientCert ```yaml tab="Docker" labels: @@ -316,7 +321,7 @@ http: #### `tls.cert` -TODO add description. +Public certificate used for the secured connection to the authentication server. ```yaml tab="Docker" labels: @@ -385,7 +390,7 @@ http: #### `tls.key` -TODO add description. +Private certificate used for the secure connection to the authentication server. ```yaml tab="Docker" labels: @@ -454,7 +459,7 @@ http: #### `tls.insecureSkipVerify` -TODO add description. +If `insecureSkipVerify` is `true`, TLS for the connection to authentication server accepts any certificate presented by the server and any host name in that certificate. ```yaml tab="Docker" labels: diff --git a/docs/content/providers/docker.md b/docs/content/providers/docker.md index a7e2fab9b..60efd697a 100644 --- a/docs/content/providers/docker.md +++ b/docs/content/providers/docker.md @@ -430,7 +430,7 @@ _Optional_ #### `tls.ca` -TODO add description. +Certificate Authority used for the secured connection to Docker. ```toml tab="File (TOML)" [providers.docker.tls] @@ -450,7 +450,12 @@ providers: #### `tls.caOptional` -TODO add description. +Policy followed for the secured connection with TLS Client Authentication to Docker. +Requires `tls.ca` to be defined. + +- `true`: VerifyClientCertIfGiven +- `false`: RequireAndVerifyClientCert +- if `tls.ca` is undefined NoClientCert ```toml tab="File (TOML)" [providers.docker.tls] @@ -470,7 +475,7 @@ providers: #### `tls.cert` -TODO add description. +Public certificate used for the secured connection to Docker. ```toml tab="File (TOML)" [providers.docker.tls] @@ -493,7 +498,7 @@ providers: #### `tls.key` -TODO add description. +Private certificate used for the secured connection to Docker. ```toml tab="File (TOML)" [providers.docker.tls] @@ -516,7 +521,7 @@ providers: #### `tls.insecureSkipVerify` -TODO add description. +If `insecureSkipVerify` is `true`, TLS for the connection to Docker accepts any certificate presented by the server and any host name in that certificate. ```toml tab="File (TOML)" [providers.docker.tls] diff --git a/docs/content/providers/marathon.md b/docs/content/providers/marathon.md index b7064c869..6227ade57 100644 --- a/docs/content/providers/marathon.md +++ b/docs/content/providers/marathon.md @@ -404,7 +404,7 @@ _Optional_ #### `tls.ca` -TODO add description. +Certificate Authority used for the secured connection to Marathon. ```toml tab="File (TOML)" [providers.marathon.tls] @@ -424,7 +424,12 @@ providers: #### `tls.caOptional` -TODO add description. +Policy followed for the secured connection to Marathon with TLS Client Authentication. +Requires `tls.ca` to be defined. + +- `true`: VerifyClientCertIfGiven +- `false`: RequireAndVerifyClientCert +- if `tls.ca` is undefined NoClientCert ```toml tab="File (TOML)" [providers.marathon.tls] @@ -444,7 +449,7 @@ providers: #### `tls.cert` -TODO add description. +Public certificate used for the secured connection to Marathon. ```toml tab="File (TOML)" [providers.marathon.tls] @@ -467,7 +472,7 @@ providers: #### `tls.key` -TODO add description. +Private certificate used for the secured connection to Marathon. ```toml tab="File (TOML)" [providers.marathon.tls] @@ -490,7 +495,7 @@ providers: #### `tls.insecureSkipVerify` -TODO add description. +If `insecureSkipVerify` is `true`, TLS for the connection to Marathon accepts any certificate presented by the server and any host name in that certificate. ```toml tab="File (TOML)" [providers.marathon.tls]