Skip to content
This repository has been archived by the owner on Nov 20, 2024. It is now read-only.

[backport] tls: SNI-based cert selection during TLS handshake #59

Closed
wants to merge 1 commit into from
Closed

[backport] tls: SNI-based cert selection during TLS handshake #59

wants to merge 1 commit into from

Conversation

LuyaoZhong
Copy link

@LuyaoZhong LuyaoZhong commented Dec 1, 2022
edited
Loading

Envoy supports selecting certs by selecting filter chain based on SNI. But it is possible that we access different services via one filter chain, which requires SNI-based cert selection in one single filter chain during handshake.

Signed-off-by: Luyao Zhong [email protected]

Additional Description: This is part of TLS bumping, already merged to official Envoy envoyproxy/envoy#22036, we need to backport to intel repo.

tls: SNI-based cert selection during TLS handshake
6f4e027 
Envoy supports selecting certs by selecting filter chain based on SNI.
But it is possible that we access different services via one filter
chain, which requires SNI-based cert selection in one single filter
chain during handshake.

Signed-off-by: Luyao Zhong <[email protected]>
@LuyaoZhong
Copy link
Author

@poussa pls take a look

@LuyaoZhong LuyaoZhong closed this Dec 12, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@LuyaoZhong