After enabling TLS communication in ngmonitor,The startup configuration file of ngmonitor already has the following certificate configuration.
[security]
ca-path = ""
cert-path = ""
key-path = ""
ng-monitoring should provide a capability similar to the configuration of the cert-allowed-cn parameter described at https://docs.pingcap.com/tidb/stable/tikv-configuration-file/#cert-allowed-cn. A list of acceptable X.509 Common Names in certificates presented by clients. Requests are permitted only when the presented Common Name is an exact match with one of the entries in the list.
After enabling TLS communication in ngmonitor,The startup configuration file of ngmonitor already has the following certificate configuration.
[security]
ca-path = ""
cert-path = ""
key-path = ""
ng-monitoring should provide a capability similar to the configuration of the cert-allowed-cn parameter described at https://docs.pingcap.com/tidb/stable/tikv-configuration-file/#cert-allowed-cn. A list of acceptable X.509 Common Names in certificates presented by clients. Requests are permitted only when the presented Common Name is an exact match with one of the entries in the list.