SNI-routing without TLS termination: Make secretRef optional in sslConfig #2069
Assignees
Labels
Comments
EItanya
added
Area: Envoy
|
This was taken care of during the failover feature work |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I would like to route some domains without termination and terminate others as normal on the same IP. Because Envoy can do this--see closed envoy issue--Gloo should be able to do this as well.
Based on the Slack discussion, it appears that allowing
secretRefto be nil should work. That approach is quite intuitive--leave out the secret and gloo's Envoy proxy will not perform TLS termination and instead route based on the tls ClientHello.According to the envoy issue, leaving out tls_context in Envoy config should enable this to function.
The text was updated successfully, but these errors were encountered: