Securing Elastic APM server, client_authentication and RUM

Hello all,

I am trying to secure the Elastic APM server I use for Real User Monitoring.

Some snippets from different documentation

Elastic APM Server - SSL config - client_authentication

This option only needs to be configured when the agent is expected to provide a client certificate. Sending client certificates is currently only supported by the RUM agent through the browser and by the Jaeger agent.

Which suggests to me that this should be configurable in the RUM agent..? I can't find any mention of that in the RUM agent documentation.

Am I making wrong assumptions or looking in the wrong place in the docs?

There is also nothing resembling server_name or anything like that, which I'm used to configuring for web servers when setting the domain name of the service and which is checked against the available certificate. Is the server_name just taken from the POST request then? Looks like it from my initial tests...

All suggestions and tips are welcome :slight_smile:

Hi @A_B,

Thanks for reaching out.

As mentioned in the docs, the certificate has to be provided by the browser. In other words, the certificate needs to be installed on users' machines beforehand. This is only provided for scenarios in which you have access to end-users' machines (e.g. an internal network or similar). The certificate cannot be configured from the agent since it doesn't (and shouldn't) have access to setting the certificate (the browser handles all that).

Hope this helps.

Cheers,
Hamid

Hello @Hamidreza,

thank you very much for your reply :slight_smile:

So, if you do not control the end-user machines, I should set this?

client_authentication: none 

I have it as optional at the moment and at least Chrome displays a dialogue where I can choose which cert to use.

I have configured SSL/TLS with certs that are trusted CA signed.

That is correct, you should set client_authentication: none.
From our 7.7 stack release we have also changed the default value for that config option to none.
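A minimal apm-server.yml reflecting the outcome of this thread, added here as an illustration and not taken from the posts above or from the Elastic documentation; the hostname, file paths and origin are placeholders, and the option names are the standard apm-server.ssl / apm-server.rum settings:

```yaml
apm-server:
  host: "0.0.0.0:8200"
  rum:
    enabled: true
    # Restrict CORS to the origins that actually serve your front-end instead of the
    # default "*", so arbitrary sites cannot post RUM data into your index.
    allow_origins: ["https://app.example.com"]          # placeholder origin
  ssl:
    enabled: true
    # There is no server_name option: the browser itself checks that the certificate's
    # subject alternative names cover the hostname in the RUM agent's serverUrl, so the
    # CA-signed certificate must be issued for that hostname.
    certificate: "/etc/apm-server/certs/apm.example.com.crt"   # placeholder path
    key: "/etc/apm-server/certs/apm.example.com.key"           # placeholder path
    # none     - never request a browser certificate (the value agreed on in this thread,
    #            and the default from the 7.7 release on).
    # optional - the server asks for one; Chrome shows a certificate chooser to every user.
    # required - browsers without a pre-installed client certificate are rejected; only
    #            workable when you manage the end-user machines.
    client_authentication: none
    # Only needed with optional/required: the CA(s) that issued the client certificates.
    # certificate_authorities: ["/etc/apm-server/certs/client-ca.crt"]  # placeholder path
```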
