[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Routing question



I can neither confirm nor deny, but just offer my thoughts about the matter. While in principle it should be possible to route a secure connection both by server name and by path, these are determined at different protocols in the transaction (TLS SNI and HTTP path, respectively) which adds complexity to configuring and routing that is not present if simply using one or the other. So in practice the capability probably depends on the router implementation. With a quick look through the haproxy docs it's not clear to me whether it's supported there at all. If it is, the configuration required may not be implemented in OpenShift's default router. Or, it could be buggy. I suggest raising an issue to see if this is something that could be made to work (or already does somehow).

On Fri, Feb 2, 2018 at 11:34 AM, Aaron Rodriguez <a12Rodriguez bop gov> wrote:
I have set of secure, HTTPS, microservices that I would like to configure with reencrypt routes.   Each of these will serve their API under the same hostname.
 
I have attempted to configure these as re-encrypt, path-based routes but the proxy returns 'Application is not available'.      
 
If I disable SSL on the service and run HTTP only, then the path based routes work when configured as edge terminated.
 
Can someone confirm that path-based re-encrypt routes is currently not supported?  Assuming that's the case, are there any suggestions for achieving this configuration? 
 
Thanks!
 
 

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]