Release chart=2.110.26,image=2.110.26: Validate server TLS certificate between federators (#1662) · wireapp/wire-server

chart=2.110.26,image=2.110.26
d3db326
Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23
Expired

Verified
Learn about vigilant mode
Choose a tag to compare

Filter

View all tags

chart=2.110.26,image=2.110.26: Validate server TLS certificate between federators (#1662)

chart=2.110.26,image=2.110.26
d3db326
Choose a tag to compare

Filter

View all tags
Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.

GPG key ID: 4AEE18F83AFDEB23
Expired

Verified
Learn about vigilant mode

jschaul tagged this 27 Jul 07:53

This sets a reasonably secure TLS configuration for the GRPC client that
federator uses to connect to other federators (or rather, nginx ingresses,
assuming a wire-server instance on the other side).

## Summary of changes

 - Enabled TLS validation and specifying a CA when creating a GRPC client
 - Added new configuration options for federator and corresponding docs
   (`docs/reference/config-options.md`)
 - Added integration test for the GRPC client against a local nginx playing the
   role of ingress
 - Changed end2end tests so that certificates for the ingress are created on
   the fly (using correct domains)
 - Added unit tests for the GRPC client using a mock http2/TLS server

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Uh oh!