search

emissary-ingress / emissary

open source Kubernetes-native API gateway for microservices built on the Envoy Proxy
https://www.getambassador.io
Apache License 2.0
4.34k stars 682 forks source link

Support for certificate revocation list #1743

Open eyaldannon opened 5 years ago

eyaldannon commented 5 years ago

Please describe your use case / problem. I would like to be able to specify allowed certificate (CRL).

Describe the solution you'd like Envoy implementation would be: https://github.com/envoyproxy/envoy/pull/2255/files

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

zeeZ commented 4 years ago

It's sad to see that revocation seems to be an afterthought (if at all) in this fancy new cloud world.

ovk commented 3 years ago

Could someone reopen this issue please? It seems like Envoy now has CRL support: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport_sockets/tls/v3/common.proto#envoy-v3-api-field-extensions-transport-sockets-tls-v3-certificatevalidationcontext-crl

kflynn commented 3 years ago

Happy to reopen; thanks for the pointer to Envoy support!

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

ovk commented 3 years ago

Unstale

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

ovk commented 3 years ago

Not stale