Merge pull request #14985 from alonbl

* pr/14985:
  Polish contribution
  Allow to disable SSL client authentication on the management port

Author: snicoll

spring-boot-project/spring-boot-actuator-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -303,7 +303,7 @@
     },
     {
       "name": "management.server.ssl.client-auth",
-      "description": "Whether client authentication is wanted (\"want\") or needed (\"need\"). Requires a trust store."
+      "description": "Whether client authentication is not wanted (\"none\"), wanted (\"want\") or needed (\"need\"). Requires a trust store."
     },
     {
       "name": "management.server.ssl.enabled",

spring-boot-project/spring-boot-autoconfigure/src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -136,7 +136,7 @@
     },
     {
       "name": "server.ssl.client-auth",
-      "description": "Whether client authentication is wanted (\"want\") or needed (\"need\"). Requires a trust store."
+      "description": "Whether client authentication is not wanted (\"none\"), wanted (\"want\") or needed (\"need\"). Requires a trust store."
     },
     {
       "name": "server.ssl.enabled",

spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc

@@ -233,7 +233,7 @@ content into your application. Rather, pick only the properties that you need.
 	server.servlet.session.timeout=30m # Session timeout. If a duration suffix is not specified, seconds will be used.
 	server.servlet.session.tracking-modes= # Session tracking modes.
 	server.ssl.ciphers= # Supported SSL ciphers.
-	server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store.
+	server.ssl.client-auth= # Whether client authentication is not wanted ("none"), wanted ("want") or needed ("need"). Requires a trust store.
 	server.ssl.enabled=true # Whether to enable SSL support.
 	server.ssl.enabled-protocols= # Enabled SSL protocols.
 	server.ssl.key-alias= # Alias that identifies the key in the key store.
@@ -1205,7 +1205,7 @@ content into your application. Rather, pick only the properties that you need.
 	management.server.port= # Management endpoint HTTP port (uses the same port as the application by default). Configure a different port to use management-specific SSL.
 	management.server.servlet.context-path= # Management endpoint context-path (for instance, `/management`). Requires a custom management.server.port.
 	management.server.ssl.ciphers= # Supported SSL ciphers.
-	management.server.ssl.client-auth= # Whether client authentication is wanted ("want") or needed ("need"). Requires a trust store.
+	management.server.ssl.client-auth= # Whether client authentication is not wanted ("none"), wanted ("want") or needed ("need"). Requires a trust store.
 	management.server.ssl.enabled=true # Whether to enable SSL support.
 	management.server.ssl.enabled-protocols= # Enabled SSL protocols.
 	management.server.ssl.key-alias= # Alias that identifies the key in the key store.

spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/server/Ssl.java

@@ -69,8 +69,8 @@ public void setEnabled(boolean enabled) {
 	}
 
 	/**
-	 * Return Whether client authentication is wanted ("want") or needed ("need").
-	 * Requires a trust store.
+	 * Return Whether client authentication is not wanted ("none"), wanted ("want") or
+	 * needed ("need"). Requires a trust store.
 	 * @return the {@link ClientAuth} to use
 	 */
 	public ClientAuth getClientAuth() {
@@ -243,6 +243,11 @@ public void setProtocol(String protocol) {
 	 */
 	public enum ClientAuth {
 
+		/**
+		 * Client authentication is not wanted.
+		 */
+		NONE,
+
 		/**
 		 * Client authentication is wanted but not mandatory.
 		 */