mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-29 10:26:29 +02:00
Pomerium is an identity and context-aware access proxy.
554e77bc7c
envoy: log mtls failures This implements limited listener-based access logging for downstream transport failures, only enabled when downstream_mtls.enforcement is set to 'reject_connection'. Client certificate details and the error message will be logged. Additionally, the new key 'client-certificate' can be set in the access_log_fields list in the configuration, which will add peer certificate properties (issuer, subject, SANs) to the existing per-request http logs. --------- Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com> |
||
|---|---|---|
| .github | ||
| .vscode | ||
| authenticate | ||
| authorize | ||
| changelogs | ||
| cmd/pomerium | ||
| config | ||
| databroker | ||
| examples | ||
| integration | ||
| internal | ||
| k8s/zero | ||
| ospkg | ||
| pkg | ||
| proxy | ||
| scripts | ||
| ui | ||
| .codecov.yml | ||
| .dockerignore | ||
| .fossa.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .golangci.yml | ||
| .pre-commit-config.yaml | ||
| .tool-versions | ||
| 3RD-PARTY | ||
| DEBUG.MD | ||
| Dockerfile | ||
| Dockerfile.debug | ||
| go.mod | ||
| go.sum | ||
| LICENSE | ||
| Makefile | ||
| pomerium.go | ||
| README.md | ||
| RELEASING.md | ||
| SECURITY.md | ||
Pomerium builds secure, clientless connections to internal web apps and services without a corporate VPN.
Pomerium is:
- Easier because you don’t have to maintain a client or software.
- Faster because it’s deployed directly where your apps and services are. No more expensive data backhauling.
- Safer because every single action is verified for trusted identity, device, and context.
It’s not a VPN alternative – it’s the trusted, foolproof way to protect your business.
Docs
For comprehensive docs, and tutorials see our documentation.
Contributing
See Contributing for information on how you can contribute to Pomerium.