Support https in HttpHealthCheckShareAdjuster

Question

Support https in HttpHealthCheckShareAdjuster

SEJeff opened this issue 10 years ago · 4 comments

Some application servers use https for their own communication. This should be trivial to extend and is a placeholder for myself to add.

Answer 1 · 2015-05-22T00:50:52.000Z

This would be fantastic.

One thing that I've struggled with is and would be interested in hearing your thoughts on is how to get the key in, especially when it's running a docker container (into which it probably shouldn't be baked). An idea that I considered was a pluggable CredentialRetriever class that retrieves and installs the key at run time.

Answer 2 · 2015-07-09T04:35:53.000Z

For self signed certificates? I was generally just thinking of using the system certificate store, which requests actually bypasses (stupidly), meaning stuff with normal commercial certificates.

How would you see this working?

Answer 3 · 2015-07-09T17:20:14.000Z

Oops. I misunderstood your initial suggestion - I read it as a request for SSL support at the proxy itself, not for the healthchecker. My comment was about how to make sensitive certificate info available to the proxy.

On board.

Answer 4 · 2015-07-09T17:44:27.000Z

Ah, for our internal domain, we have a wildcard certificate that I simply include with the proxy. I simply meant if the app itsself implements https (think a golang webapp) instead of using a webserver like nginx, doing the healthchecking via ssl^Wtls.