We are currently testing deployment of Velociraptor with mTLS enabled.
We have added "require_client_certificates: true" to the Frontend section of the server configuration file, however when we test enrolling a client with a client config that DOES NOT have the client certificate or private key embedded, it enrolls successfully.
We also tested by visiting the /server.pem URL directly in the browser and it retrieves it fine.
Hi Velociraptor Team
We are currently testing deployment of Velociraptor with mTLS enabled.
We have added "require_client_certificates: true" to the Frontend section of the server configuration file, however when we test enrolling a client with a client config that DOES NOT have the client certificate or private key embedded, it enrolls successfully.
We also tested by visiting the /server.pem URL directly in the browser and it retrieves it fine.
Are we missing something obvious here?