Feature Request
Support for allowing only a certain list of dns names or fingerprints in client certificates
Proposal:
Current behavior:
Only filtering with CA is possible
Desired behavior:
Possible to define
tls_allowed_dns_names = [""]
tls_allowed_fingerprints = [""]
Such that only defines names or fingerprints is allowed to connect to telegraf
Use case:
Locking down access to telegraf even though the CA is shared along with other purposes.
DNS Names allow for a more dynamic approach which fingerprints allow to really pin the certificate down to exactly one.
The code is complete and I can make a PR with it.
Feature Request
Support for allowing only a certain list of dns names or fingerprints in client certificates
Proposal:
Current behavior:
Only filtering with CA is possible
Desired behavior:
Possible to define
tls_allowed_dns_names = [""]tls_allowed_fingerprints = [""]Such that only defines names or fingerprints is allowed to connect to telegraf
Use case:
Locking down access to telegraf even though the CA is shared along with other purposes.
DNS Names allow for a more dynamic approach which fingerprints allow to really pin the certificate down to exactly one.
The code is complete and I can make a PR with it.