fix(schema): sll key and cert files are nullable

2021-09-22 23:47:36 +02:00 · 2021-09-22 23:47:36 +02:00 · 3027bc3a0c
parent 4392357877
commit 3027bc3a0c
1 changed files with 23 additions and 0 deletions
--- a/apps/emqx/src/emqx_schema.erl
+++ b/apps/emqx/src/emqx_schema.erl
@ -926,16 +926,39 @@ common_ssl_opts_schema(Defaults) ->
    , {"cacertfile",
       sc(string(),
          #{ default => D("cacertfile")
+           , nullable => true
+           , desc =>
+"""Trusted PEM format CA certificates bundle file.<br>
+The certificates in this file are used to verify the TLS peer's certificates.
+Append new certificates to the file if new CAs are to be trusted.
+There is no need to restart EMQ X to have the updated file loaded, because
+the system regularly checks if file has been updated (and reload).<br>
+NOTE: invalidating (deleting) a certificate from the file will not affect
+already established connections.
+"""
           })
      }
    , {"certfile",
       sc(string(),
          #{ default => D("certfile")
+           , nullable => true
+           , desc =>
+"""PEM format certificates chain file.<br>
+The certificates in this file should be in reversed order of the certificate
+issue chain. That is, the host's certificate should be placed in the beginning
+of the file, followed by the immediate issuer certificate and so on.
+Although the root CA certificate is optional, it should placed at the end of
+the file if it is to be added.
+"""
           })
      }
    , {"keyfile",
       sc(string(),
          #{ default => D("keyfile")
+           , nullable => true
+           , desc =>
+"""PEM format private key file.<br>
+"""
           })
      }
    , {"verify",