lfs-test-server icon indicating copy to clipboard operation
lfs-test-server copied to clipboard
verified publisher icon git-lfs

Support mTLS

Open Warchant opened this issue 11 months ago • 2 comments

Please add support for mTLS (mutual TLS) authentication.

In LFS server I'd like to specify something like LFS_CACERT=ca.pem.

Then, clients specify these options:

  • http.sslCert
  • http.sslKey

If client's sslCert is signed by CA, then we authenticate this client on LFS server.

Warchant avatar Mar 19 '25 08:03 Warchant

Hey, thanks for the suggestion; I'll mark this issue as a possible enhancement.

Because we use a different test server for the principal Git LFS client project's test suite, this project doesn't see a lot of development.

If anyone has time to put together a PR which implements mTLS authentication, that would be appreciated!

chrisd8088 avatar Mar 19 '25 23:03 chrisd8088

I would be remiss if I didn't also mention that there are a lot of other Git LFS server implementations, and one of those might suit your purposes and have mTLS support already in place.

chrisd8088 avatar Mar 20 '25 02:03 chrisd8088