TLS Downstream Client Certificate Authority
- Config File Key:
tls_downstream_client_caortls_downstream_client_ca_file - Type: base64 encoded
stringor relative file location - Optional
If specified, downstream clients (eg a user's browser) will be required to provide a valid client TLS
certificate. This overrides the global client_ca option for this route.
See Client-Side mTLS With Pomerium for more information.