-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Open
Labels
good first issueDenotes an issue ready for a new contributor, according to the "help wanted" guidelines.Denotes an issue ready for a new contributor, according to the "help wanted" guidelines.
Description
Describe the feature you are requesting
Scenarios in controller certificate auto-discovery;
- where different encryption certificate (ECC, RSA) are auto-discovered
- the ECC certificate is discovered first and in the LB model is created as the default certificate
- the RSA encyption certificate is discovered ...and any other certificate, and added to the certificate ilst
- From the ALB documentation, however, the default certificate is never used when a client request specifies the SNI and there is a certificate list
- client attempting to negotiate ECC cipher suite with an ALB only checking only the certificate list fails TLS negotiation
Motivation
- the ALB spec would seem to expect the default certificate to also be added to the certificate list
Describe the proposed solution you'd like
- Add the default certificate also to the certificate list. Perhaps appending the certificate twice?
Contribution Intention (Optional)
- Yes, I am willing to contribute a PR to implement this feature
sbbowers
Metadata
Metadata
Assignees
Labels
good first issueDenotes an issue ready for a new contributor, according to the "help wanted" guidelines.Denotes an issue ready for a new contributor, according to the "help wanted" guidelines.