Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upstream TLS #374

Closed
k-wall opened this issue Jun 8, 2023 · 0 comments · Fixed by #380
Closed

Upstream TLS #374

k-wall opened this issue Jun 8, 2023 · 0 comments · Fixed by #380
Labels
enhancement New feature or request

Comments

@k-wall
Copy link
Contributor

k-wall commented Jun 8, 2023

Is your feature request related to a problem? Please describe.

I want to be able to use Kroxylicious with an upstream cluster that uses TLS.

Describe the solution you'd like

Kroxylicious currently uses plain communications between itself and the upstream clusters. It should allow itself to be configured for the TLS. It must support the configuration of trust anchors (since the integration tests use self-signed certificates, this is a must). It should probably also allow for TLS verification to be disabled to support development use-cases.

Features like TLS client auth and configuration of the cipher suites/protocols could be delivered later.

A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.

@k-wall k-wall added the enhancement New feature or request label Jun 8, 2023
k-wall added a commit that referenced this issue Jun 23, 2023
)

Fix #375: Support key material common to Kubernetes (PEMs)
Fix: #374: Upstream TLS

- added support for keystore/truststore passwords to come from files too.
- initialise SSLContext once (at virtualcluster's construction), rather than per-connection on the IO thread

Co-authored-by: Sam Barker <[email protected]>
Signed-off-by: Keith Wall <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
Archived in project
Development

Successfully merging a pull request may close this issue.

1 participant