status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Recommend SNI with TLS in the terminating gateway docs

This commit is contained in:
Kyle Havlovitz 2022-03-31 12:19:16 -07:00
parent f8efe9a208
commit 51527907ab
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
website/content/docs/connect/config-entries/terminating-gateway.mdx
View File

@ -30,6 +30,9 @@ from the terminating gateway will be encrypted using one-way TLS authentication.
and [private key](/docs/connect/config-entries/terminating-gateway#keyfile) are also specified connections and [private key](/docs/connect/config-entries/terminating-gateway#keyfile) are also specified connections
from the terminating gateway will be encrypted using mutual TLS authentication. from the terminating gateway will be encrypted using mutual TLS authentication.
~> Setting the `SNI` field is strongly recommended when enabling TLS to a service. If this field is not set,
Consul will not attempt to verify the Subject Alternative Name fields in the service's certificate.
If none of these are provided, Consul will **only** encrypt connections to the gateway and not If none of these are provided, Consul will **only** encrypt connections to the gateway and not
from the gateway to the destination service. from the gateway to the destination service.