Open benediktwerner opened 2 months ago
Related to https://github.com/envoyproxy/gateway/issues/3622
We have discussed the TLS setting for external services such as OIDC provider, ext auth, ext proc in the EG meeting. The current agreement is that these services can be modeled as the EG Backend
resources and be associated with a BackendTLSConfig
.
This issue has been automatically marked as stale because it has not had activity in the last 30 days.
Our OIDC provider doesn't support Envoy's default ECDH curves so we currently have to configure additional curves via a patch policy.
It looks like EG v1.1 will already add a default
BackendTLSConfig
for theEnvoyProxy
which seems good enough but at first glance, it looks like it currently isn't applied to the OIDC provider cluster?