• Type: Task
• Resolution: Fixed
• Priority: L3 - Default
• Fix Version/s: 3.10.6, 3.11.0
• Affects Version/s: None
• Component/s: backend
• Labels:

  None

This is the controller panel for Smart Panels app

[OPT-7306] Allow disabling of SNI checks

Joshua Windels created issue - 25/Sep/23 9:43 PM

Joshua Windels made changes - 25/Sep/23 9:43 PM

Status

Original: Triage [ 10612 ]

New: In Development [ 10312 ]

Joshua Windels made changes - 25/Sep/23 9:43 PM

Assignee

New: Joshua Windels [ joshua.windels ]

Joshua Windels made changes - 25/Sep/23 9:43 PM

Description

Original: In some environments, it might be appropriate to disable SNI checks. We should allow this per configuration field *ATs:*  * SNI checks can be disabled in config  * SNI checks can be disabled per ENV var  * ITs no longer explicitly disable SNI checks, rather they read from config

New: In some environments, it might be appropriate to disable SNI checks. We should allow this per configuration field *ATs:*  * SNI checks can be disabled in config  * SNI checks can be disabled per ENV var  * ITs no longer explicitly disable SNI checks, rather they read from config *Notes:* - This should be backported to maintenance/3.10

Joshua Windels made changes - 26/Sep/23 11:29 AM

Link

New: This issue is related to SUPPORT-18378 [ SUPPORT-18378 ]

Giuliano Rodrigues Lima made changes - 26/Sep/23 11:39 AM

Assignee	Original: Joshua Windels [ joshua.windels ]	New: Giuliano Rodrigues Lima [ giuliano.rodrigues-lima ]
Status	Original: In Development [ 10312 ]	New: In Review [ 10212 ]

Giuliano Rodrigues Lima made changes - 26/Sep/23 11:40 AM

Assignee	Original: Giuliano Rodrigues Lima [ giuliano.rodrigues-lima ]	New: Joshua Windels [ joshua.windels ]
Status	Original: In Review [ 10212 ]	New: Rework [ 11413 ]

Joshua Windels made changes - 26/Sep/23 11:44 AM

Description

Original: In some environments, it might be appropriate to disable SNI checks. We should allow this per configuration field *ATs:*  * SNI checks can be disabled in config  * SNI checks can be disabled per ENV var  * ITs no longer explicitly disable SNI checks, rather they read from config *Notes:* - This should be backported to maintenance/3.10

New: In some environments, it might be appropriate to disable SNI checks. We should allow this per configuration field *Testing Notes:*  * SNI checks can be disabled in config  * SNI checks can be disabled per ENV var (CAMUNDA_OPTIMIZE_CONTAINER_ENABLE_SNI_CHECK)  * ITs no longer explicitly disable SNI checks, rather they read from config *Notes:*  - This should be backported to maintenance/3.10

Joshua Windels made changes - 26/Sep/23 12:25 PM

Description

Original: In some environments, it might be appropriate to disable SNI checks. We should allow this per configuration field *Testing Notes:*  * SNI checks can be disabled in config  * SNI checks can be disabled per ENV var (CAMUNDA_OPTIMIZE_CONTAINER_ENABLE_SNI_CHECK)  * ITs no longer explicitly disable SNI checks, rather they read from config *Notes:*  - This should be backported to maintenance/3.10

New: In some environments, it might be appropriate to disable SNI checks. We should allow this per configuration field *Testing Notes:*  * SNI checks can be disabled in config  * SNI checks can be disabled per ENV var (CAMUNDA_OPTIMIZE_CONTAINER_ENABLE_SNI_CHECK)  * To verify, run Optimize in HTTPS and a localhost certificate, but with SNI checking enabled. This should present an SNI verification error in the browser as localhost is prohibited. [~cigdem.ilhan] - you tested this for the Spring Boot migration already, so please reproduce those steps *Notes:*  - This should be backported to maintenance/3.10

Joshua Windels made changes - 26/Sep/23 12:28 PM

Assignee	Original: Joshua Windels [ joshua.windels ]	New: Cigdem Ilhan [ cigdem.ilhan ]
Status	Original: Rework [ 11413 ]	New: Ready for Testing [ 10008 ]

Load more newer events