3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-25 14:08:09 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add tls_server_name option to policy file.

Browse source
This commit is contained in:
Yuchen Ying 2019-09-06 09:48:31 +00:00
parent 658e80f2af
commit 27a3870373
5 changed files with 27 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
docs/docs/reference/reference.md
View file

@ -355,6 +355,14 @@ If set, enables proxying of websocket connections.
TLS Skip Verification controls whether a client verifies the server's certificate chain and host name. If enabled, TLS accepts any certificate presented by the server and any host name in that certificate. In this mode, TLS is susceptible to man-in-the-middle attacks. This should be used only for testing.
### TLS Server Name
- Config File Key: `tls_server_name`
- Type: `string`
- Optional
TLS Server Name overrides the hostname you specified in the `to` field. If set, this server name will be used to verify server side certificate. This is useful when the backend of your service is an HTTPS server with valid certificate, but you want to communicate via an internal hostname or IP address.
### TLS Custom Certificate Authority
- Config File Key: `tls_custom_ca` or `tls_custom_ca_file`