From 27a65f8745a1b9b151bb4cdc9ba54fb110eb6a67 Mon Sep 17 00:00:00 2001 From: Brad Jones Date: Thu, 19 Sep 2019 01:06:03 -0600 Subject: [PATCH] Add note clarifying client certificate header --- docs/content/middlewares/passtlsclientcert.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/content/middlewares/passtlsclientcert.md b/docs/content/middlewares/passtlsclientcert.md index 511adac35..9da4dbed0 100644 --- a/docs/content/middlewares/passtlsclientcert.md +++ b/docs/content/middlewares/passtlsclientcert.md @@ -219,7 +219,10 @@ PassTLSClientCert can add two headers to the request: - `X-Forwarded-Tls-Client-Cert-Info` that contains all the selected certificate information in an escaped string. !!! info - The headers are filled with escaped string so it can be safely placed inside a URL query. + + * The headers are filled with escaped string so it can be safely placed inside a URL query. + * These options only work accordingly to the [MutualTLS configuration](../https/tls.md#client-authentication-mtls). + That is to say, only the certificates that match the `clientAuth.clientAuthType` policy are passed. In the following example, you can see a complete certificate. We will use each part of it to explain the middleware options.