status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-21 19:20:41 +00:00
Code Issues Projects Releases Wiki Activity

Recommend SNI with TLS in the terminating gateway docs

Browse Source
This commit is contained in:
Kyle Havlovitz 2022-03-31 12:19:16 -07:00
parent f8efe9a208
commit 51527907ab
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
website/content/docs/connect/config-entries/terminating-gateway.mdx
View File

@ -30,6 +30,9 @@ from the terminating gateway will be encrypted using one-way TLS authentication.
and [private key](/docs/connect/config-entries/terminating-gateway#keyfile) are also specified connections
from the terminating gateway will be encrypted using mutual TLS authentication.
~> Setting the `SNI` field is strongly recommended when enabling TLS to a service. If this field is not set,
Consul will not attempt to verify the Subject Alternative Name fields in the service's certificate.
If none of these are provided, Consul will **only** encrypt connections to the gateway and not
from the gateway to the destination service.