-
-
Notifications
You must be signed in to change notification settings - Fork 4.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
reverseproxy: add tls_server_cert_sha256
Unfortunately there *are* some production setups requiring tls_insecure_skip_verify in reverse_proxy, like old devices with outdated firmware. In many such cases, the devices aren't supposed to regenerate or update their certificates. This patch adds tls_server_cert_sha256 directive for reverse_proxy, making MITM impossible even with tls_insecure_skip_verify.
- Loading branch information
1 parent
f6d2c29
commit 5fde819
Showing
2 changed files
with
53 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters