From db5644815730115d6c3e8c33053b7daec8f4aa67 Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Mon, 31 Aug 2020 18:39:37 -0600 Subject: [PATCH] docs: Add tls eab subdirective --- src/docs/markdown/caddyfile/directives/tls.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/docs/markdown/caddyfile/directives/tls.md b/src/docs/markdown/caddyfile/directives/tls.md index a855190..2aa46d2 100644 --- a/src/docs/markdown/caddyfile/directives/tls.md +++ b/src/docs/markdown/caddyfile/directives/tls.md @@ -23,6 +23,7 @@ tls [internal|] | [ ] { ca ca_root dns [] + eab on_demand client_auth { mode [request|require|verify_if_given|require_and_verify] @@ -68,6 +69,7 @@ tls [internal|] | [ ] { - **ca** changes the ACME CA endpoint. This is most often used to use [Let's Encrypt's staging endpoint](https://letsencrypt.org/docs/staging-environment/) or an internal ACME server. (To change this value for the whole Caddyfile, use the `acme_ca` [global option](/docs/caddyfile/options) instead.) - **ca_root** specifies a PEM file that contains a trusted root certificate for the ACME CA endpoint, if not in the system trust store. - **dns** enables the [DNS challenge](/docs/automatic-https#dns-challenge) using the specified provider plugin, which must be plugged in from one of the [caddy-dns](https://github.com/caddy-dns) repositories. Each provider plugin may have their own syntax following their name; refer to their docs for details. Maintaining support for each DNS provider is a community effort. [Learn how to enable the DNS challenge for your provider at our wiki.](https://caddy.community/t/how-to-use-dns-provider-modules-in-caddy-2/8148) +- **eab** configures ACME external account binding (EAB) for this site, using the key ID and MAC key provided by your CA. - **on_demand** enables [on-demand TLS](/docs/automatic-https#on-demand-tls) for the hostnames given in the site block's address(es). - **client_auth** enables and configures TLS client authentication: - **mode** is the mode for authenticating the client. Allowed values are: