From 53d7d0a9d462b90fa6fdcf9426de59a95adb2860 Mon Sep 17 00:00:00 2001
From: HuangDan <huangd@emqtt.io>
Date: Wed, 29 Aug 2018 16:24:01 +0800
Subject: [PATCH] Update the peer_cert_as_username conf desc

---
 etc/emqx.conf    | 6 +++---
 priv/emqx.schema | 3 +--
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/etc/emqx.conf b/etc/emqx.conf
index 31c5a11ed..588725446 100644
--- a/etc/emqx.conf
+++ b/etc/emqx.conf
@@ -752,8 +752,8 @@ listener.tcp.external.access.1 = allow all
 ## Enable the option for X.509 certificate based authentication.
 ## EMQX will use the common name of certificate as MQTT username.
 ##
-## Value: boolean
-## listener.tcp.external.peer_cert_as_username = true
+## Value: cn | dn
+## listener.tcp.external.peer_cert_as_username = cn
 
 ## The TCP backlog defines the maximum length that the queue of pending
 ## connections can grow to.
@@ -1096,7 +1096,7 @@ listener.ssl.external.ciphers = ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-G
 ## Use the CN field from the client certificate as a username.
 ## Notice that 'verify' should be set as 'verify_peer'.
 ##
-## Value: boolean
+## Value: cn | en
 ## listener.ssl.external.peer_cert_as_username = cn
 
 ## TCP backlog for the SSL connection.
diff --git a/priv/emqx.schema b/priv/emqx.schema
index a0d2bc0e2..1a2209dd8 100644
--- a/priv/emqx.schema
+++ b/priv/emqx.schema
@@ -857,8 +857,7 @@ end}.
 ]}.
 
 {mapping, "listener.tcp.$name.peer_cert_as_username", "emqx.listeners", [
-  {default, false},
-  {datatype, {enum, [true, false]}}
+  {datatype, {enum, [cn, dn]}}
 ]}.
 
 {mapping, "listener.tcp.$name.backlog", "emqx.listeners", [