-
Notifications
You must be signed in to change notification settings - Fork 73
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTPS client should support SNI #271
Comments
Does Nginx proxy_pass upstream support SNI? Is this just our "http.cc" code issue or this is the whole Nginx issue? |
Any idea when this might be implemented? I'm facing the same situation. |
Without this I cannot use my custom domain on auth0. My scenario:
|
We are having the exact problem as mentioned by MrBlaise using our custom domain with Okta. We are unable to use that custom domain until it is fixed. |
@bourquep , @MrBlaise , @Daniel-Houston, can you share your configurations and your steps to reproduce the problem? |
Nothing special configuration, I am doing everything that is written in the Kubernetes Engine tutorial (https://cloud.google.com/endpoints/docs/openapi/get-started-kubernetes-engine) and then set up custom domain according to this: https://cloud.google.com/endpoints/docs/openapi/serving-apis-from-domains I also use auth0 so I followed this guide: https://auth0.com/docs/integrations/google-cloud-platform The error I get is written in my previous answer. EDIT:
|
Sorry I left most important part
The |
This PR adds the SNI support for https clients. Problem solved by this PR: Per the following two github issues, ESP https clients do not support SNI (Server Name Indication) for https connections. cloudendpoints#271 cloudendpoints#262
This PR adds the SNI support to ESP for https clients. Problem solved by this PR: Per the following two github issues, ESP https clients do not support SNI (Server Name Indication) for https connections. cloudendpoints#271 cloudendpoints#262
This PR adds the SNI support to ESP for https clients. Problem solved by this PR: before this PR, ESP https clients do not support SNI (Server Name Indication) for https connections. Details in the following two github issues. - cloudendpoints#271 - cloudendpoints#262
This PR adds the SNI (Server Name Indication) support to ESP for https clients. Problem solved by this PR: before this PR, ESP https clients do not support SNI for https connections. Details in the following two github issues. - cloudendpoints#271 - cloudendpoints#262
This PR adds the SNI (Server Name Indication) support to ESP for https clients. Problem solved by this PR: before this PR, ESP https clients do not support SNI for https connections. Details in the following two github issues. - cloudendpoints#271 - cloudendpoints#262
@MrBlaise , thank you for sharing the steps to reproduce the problem! |
The support of SNI (Server Name Indication) for https clients has been added to ESP by the commit 3fe87fd. |
Great news! Thank you! When will this release? |
It should be released either this week or next week. |
ESP 1.20.0 was released and contains the fix. Let me know if this solves your issue. |
It works now 🎉 Thanks! |
The HTTPS client fetching auth public key doesn't support SNI, in some case ESP won't be able to fetch keys. See #262
The text was updated successfully, but these errors were encountered: