Page MenuHomeVyOS Platform

Add an option to disable certificate verification to reverse proxy
Closed, ResolvedPublicFEATURE REQUEST

Description

Add the ability for the reverse-proxy to connect via SSL to backends with self-signed certificates.
To do this would require an additional option in the VyOS config, which would in turn set ssl verify none in the HAProxy configuration.

Example of VyOS configuration:

set load-balancing reverse-proxy backend bk-default ssl no-verify

Example of how this would be rendered in HAProxy configuration:

server bk-01 127.0.0.1:9090 ssl verify none

Details

Version
-
Is it a breaking change?
Perfectly compatible

Event Timeline

Viacheslav triaged this task as Wishlist priority.Apr 15 2024, 1:58 PM
Viacheslav changed the task status from Open to Needs testing.Apr 16 2024, 7:20 PM

Tested as working in: VyOS 1.5-rolling-202404190019

dmbaturin renamed this task from Loadbalancer reverse-proxy: SSL backend skip CA certificate verification to Add an option to disable certificate verification to reverse proxy.May 11 2024, 6:49 PM
dmbaturin removed a project: VyOS 1.5 Circinus.