-
Notifications
You must be signed in to change notification settings - Fork 591
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: support for upstream client authentication #348
Labels
area/feature
New feature or request
Milestone
Comments
hbagdi
added a commit
that referenced
this issue
Dec 9, 2019
Kong can present a client certificate during a TLS handshake to the upstream service. This is configurable for each service in Kong (each kubernetes service maps to a service in Kong). Users can use `configuration.konghq.com/client-cert` annotation on the service resource in k8s to specify the secret which should be used by Kong for client authentication. Fix #348
Hi @hbagdi , this feature is about mutual ssl authentication ? |
Yes, it is one part to mutual TLS authentication. The other part, Kong verify upstream's certificate is already supported. |
hbagdi
added a commit
that referenced
this issue
Dec 13, 2019
Kong can present a client certificate during a TLS handshake to the upstream service. This is configurable for each service in Kong (each kubernetes service maps to a service in Kong). Users can use `configuration.konghq.com/client-cert` annotation on the service resource in k8s to specify the secret which should be used by Kong for client authentication. Fix #348 From #483
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Kong 1.3 will ship with support for client authentication on the upstream side.
This means that Kong can authenticate itself to the upstream and upstream service can accept traffic only from Kong if needed.
The text was updated successfully, but these errors were encountered: