I've added a new extension to the PROXY protocol to funnel the full client certificate!
-
I've added a new extension to the PROXY protocol to funnel the full client certificate! This unlocks backend-specific client certificate checks, e.g. verifying from a list of trusted certificates. Thanks to this client certificate authentication can be used with soju behind a TLS termination reverse proxy such as tlstunnel.
https://git.haproxy.org/?p=haproxy.git;a=commitdiff;h=6f5def3cbd88b242ce33ad051897f98463a8026e
-
I've added a new extension to the PROXY protocol to funnel the full client certificate! This unlocks backend-specific client certificate checks, e.g. verifying from a list of trusted certificates. Thanks to this client certificate authentication can be used with soju behind a TLS termination reverse proxy such as tlstunnel.
https://git.haproxy.org/?p=haproxy.git;a=commitdiff;h=6f5def3cbd88b242ce33ad051897f98463a8026e
@emersion Oooo, nice. I've had an use case for this for a good while. Thanks for this!
-
I've added a new extension to the PROXY protocol to funnel the full client certificate! This unlocks backend-specific client certificate checks, e.g. verifying from a list of trusted certificates. Thanks to this client certificate authentication can be used with soju behind a TLS termination reverse proxy such as tlstunnel.
https://git.haproxy.org/?p=haproxy.git;a=commitdiff;h=6f5def3cbd88b242ce33ad051897f98463a8026e
@emersion excellent! you should link to tlstunnel https://codeberg.org/emersion/tlstunnel as there are several projects with similar names.
-
S skorpy@chaos.social shared this topic
