diff options
author | Lukasz Woznicki <75632179+makr11st@users.noreply.github.com> | 2021-10-22 20:00:19 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-10-22 20:00:19 +0100 |
commit | 30a0c1e7bc6edc5703b49a2c6036ba9b16ff46a1 (patch) | |
tree | 013069a6b19f3cb7c2f07d1d9023f6a651f34b31 /tedge_config | |
parent | 9e02441af533500c9f8d8823894ca753acca7c95 (diff) |
[CIT-620] Modify certificate configuration for external MQTT access (#515)
* Add conditional configuration to enable or disable external mqtt
certificates
* Add a quick tutorial how to use external settings
Signed-off-by: Lukasz Woznicki <lukasz.woznicki@softwareag.com>
Diffstat (limited to 'tedge_config')
-rw-r--r-- | tedge_config/src/settings.rs | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/tedge_config/src/settings.rs b/tedge_config/src/settings.rs index d8f8c206..e5cea255 100644 --- a/tedge_config/src/settings.rs +++ b/tedge_config/src/settings.rs @@ -210,7 +210,8 @@ impl ConfigSetting for MqttExternalCAPathSetting { const DESCRIPTION: &'static str = concat!( "Path to a file containing the PEM encoded CA certificates ", "that are trusted when checking incoming client certificates. ", - "Example: /etc/ssl/certs" + "Example: /etc/ssl/certs", + "Note: If the capath is not set, then no certificates are required for the external connections." ); type Value = FilePath; @@ -224,7 +225,8 @@ impl ConfigSetting for MqttExternalCertfileSetting { const DESCRIPTION: &'static str = concat!( "Path to the certificate file, which is used by external MQTT listener", - "Example: /etc/tedge/device-certs/tedge-certificate.pem" + "Example: /etc/tedge/device-certs/tedge-certificate.pem", + "Note: This setting shall be used together with `mqtt.external.keyfile` for external connections." ); type Value = FilePath; @@ -238,7 +240,8 @@ impl ConfigSetting for MqttExternalKeyfileSetting { const DESCRIPTION: &'static str = concat!( "Path to the private key file, which is used by external MQTT listener", - "Example: /etc/tedge/device-certs/tedge-private-key.pem" + "Example: /etc/tedge/device-certs/tedge-private-key.pem", + "Note: This setting shall be used together with `mqtt.external.certfile` for external connections." ); type Value = FilePath; |