Open rafaeloening-barigui opened 5 years ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
not state. Can we pass through a validation_context
to support this? See https://www.envoyproxy.io/docs/envoy/latest/start/quick-start/securing#start-quick-start-securing-validation
Thanks, @dwj300 , for your comment. I came across this blog for context. Does this address the functionality in Ambassador that you're looking for? Are you open to contributing to this change?
I can take a stab at adding this functionality @cindymullins-dw
Please describe your use case / problem. The SSL negotiation to a backend application with a generic certificate is accepted. The ambassador does not verify the CN or SubjectAltName of the application certificate. In the documentation there is the follow information:
Describe the solution you'd like I would like a configuration parameter to change this default behavior to enable this SSL verification.
Describe alternatives you've considered None.
Additional context None.