Charts: [stable/traefik] Support mutual TLS authentication
Is this a request for help?:
Is this a BUG REPORT or FEATURE REQUEST? (choose one): FEATURE REQUEST
Version of Helm and Kubernetes:
$ kubectl version
Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.0", GitCommit:"ddf47ac13c1a9483ea035a79cd7c10005ff21a6d", GitTreeState:"clean", BuildDate:"2018-12-04T07:51:55Z", GoVersion:"go1.11.2", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"10", GitVersion:"v1.10.11", GitCommit:"637c7e288581ee40ab4ca210618a89a555b6e7e9", GitTreeState:"clean", BuildDate:"2018-11-26T14:25:46Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
$ helm version
Client: &version.Version{SemVer:"v2.11.0", GitCommit:"2e55dbe1fdb5fdb96b75ff144a339489417b146b", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.11.0", GitCommit:"2e55dbe1fdb5fdb96b75ff144a339489417b146b", GitTreeState:"clean"}
Which chart: stable/traefik
What happened: Unable to configure traefik to enable mutual TLS authentication
What you expected to happen: The chart should provide the ability to enable and configure mTLS
How to reproduce it (as minimally and precisely as possible):
- Deploy traefik
- Deploy a HTTPS web server that echoes received headers back to the client, such as echoheaders
- Access the web server, providing a client certificate:
curl --cert tls.crt --key tls.key https://myserver.example.com - Notice there is no "x-forwarded-tls-client-cert" header in the returned response body
- Notice that it is possible to access the web server without using mTLS:
curl https://myserver.example.com
Anything else we need to know:
No
somcsel
All 9 comments
Created PR #9829 for this
somcsel
on 9 Dec 2018
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions.
![stale[bot] picture](https://avatars.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 8 Jan 2019
Was just about to make a PR for this work. Would be great to get this merged soon.
tlm
on 11 Jan 2019
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions.
stale[bot]
on 10 Feb 2019
@tlmiller, @justurm PR #9829 didn't get any attention and, since we (in the project I am working on) have now decided to stay with nginx, I will not pursue this further.
If either of you would like to pick this up then be my guest and please don't hesitate to give me a shout if I can do anything to help.
somcsel
on 12 Feb 2019
@somcsel cheers, I will see if I can get it over the line. Would love to have this to support some legacy apps.
tlm
on 12 Feb 2019
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions.
stale[bot]
on 14 Mar 2019
This issue is being automatically closed due to inactivity.
stale[bot]
on 28 Mar 2019
New PR for this issue #13347
tlm
on 29 Apr 2019
Related issues
kminehart
路
3Comments
tdcox
路
3Comments
harshmehta93
路
3Comments
mluedke
路
3Comments
vsliouniaev
路
3Comments
Most helpful comment
Created PR #9829 for this