Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support RouteTLSConfig on HTTPRoute #3439

Closed
stevesloka opened this issue Mar 3, 2021 · 1 comment
Closed

Support RouteTLSConfig on HTTPRoute #3439

stevesloka opened this issue Mar 3, 2021 · 1 comment
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor.

Comments

@stevesloka
Copy link
Member

Support TLS on an HTTPRoute by implementing the RouteTLSConfig.

TLS defines the TLS certificate to use for Hostnames defined in this Route. This configuration only takes effect if the AllowRouteOverride field is set to true in the associated Gateway resource.

Collisions can happen if multiple HTTPRoutes define a TLS certificate for the same hostname. In such a case, conflict resolution guiding principles apply, specifically, if hostnames are same and two different certificates are specified then the certificate in the oldest resource wins.

Please note that HTTP Route-selection takes place after the TLS Handshake (ClientHello). Due to this, TLS certificate defined here will take precedence even if the request has the potential to match multiple routes (in case multiple HTTPRoutes share the same hostname).

//ref: https://gateway-api.sigs.k8s.io/spec/#networking.x-k8s.io/v1alpha1.RouteTLSConfig
@stevesloka stevesloka added kind/feature Categorizes issue or PR as related to a new feature. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor. labels Mar 3, 2021
@stevesloka stevesloka mentioned this issue Mar 3, 2021
Closed
3 tasks
@skriss
Copy link
Member

skriss commented Aug 17, 2021

Per #3404 (comment), configuring TLS on HTTPRoutes is being dropped in v1alpha2 so there's no point in implementing this now. Closing out.

@skriss skriss closed this as completed Aug 17, 2021
@skriss skriss mentioned this issue Aug 17, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stevesloka @skriss