Re: Gorouter now supports SNI and multiple certs


Dieu Cao <dcao@...>
 

Woohoo!

On Aug 9, 2017 6:47 PM, "Shannon Coen" <scoen(a)pivotal.io> wrote:

On behalf of the CF Routing team, I'm pleased to announce routing-release
0.160.0:
https://github.com/cloudfoundry-incubator/routing-release/releases/tag/0.160.0

This release includes a bunch of exciting features, including our most
requested one:
- SNI / Multiple Certificates

...as well as:
- Mutual TLS / Validation of Client Certificates
- Forwarding of Client Certificates to backends via the
X-Forwarded-Client-Cert HTTP header, enabling mutual TLS between client and
apps without forfeiting HTTP load balancing. The Java buildpack was
recently updated to support this header, transparently exposing certificate
metadata to apps.
- Max concurrent connections per backend, preventing slow apps from
impacting the availability of the rest of the platform
- 5 second frontend timeout on idle client connections, forcing load
balancers that time out silently to send their clients a TCP Reset.

These features will be included in an upcoming version of cf-release.

Note: this release removes support for properties router.ssl_cert and
router.ssl_key in favor of router.tls_pem, which is required if
router.enable_ssl: true.

Best,

Shannon Coen
Product Manager, Cloud Foundry
Pivotal, Inc.
