Feature request: disable TLS termination #703
Comments
|
To work around this, the following annotation works with ingress-nginx: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" |
|
Thanks for the suggestion, however as a security app, disabling TLS is not ideal, even if on a localhost or "secure" network. Instead, I think this is a better solution: issue #700. If this wouldn't work for your scenario please help us understand why. Thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
I would like to deploy pwm on k8s and have tls termination handled by an ingress controller (with certificates managed by cert-manager).
As of 2.0.6, it appears that tls termination is hard-wired on in the tomcat connector: https://github.com/pwm-project/pwm/blob/9fd838b93d2ef759c3c4ec49367cbe121356b076/onejar/src/main/java/password/pwm/onejar/TomcatOnejarRunner.java#L162-L163C5
Describe the solution you'd like
For my use cases, it would be completely satisfatory if pwm/tomcat didn't attempt to handle tls termination at all. An acceptable alternative would be an inverse to the
manageHttpsapplication option that completely disables https.The text was updated successfully, but these errors were encountered: