Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SNI for JWT policy #7427

Open
anderius opened this issue Feb 28, 2025 · 1 comment · May be fixed by #7500
Open

Add SNI for JWT policy #7427

anderius opened this issue Feb 28, 2025 · 1 comment · May be fixed by #7500
Labels
area/security Issues related to security capabilities or concerns proposal An issue that proposes a feature request ready for refinement An issue that was triaged and it is ready to be refined

Comments

@anderius
Copy link

Is your feature request related to a problem? Please describe.

Network rules often rely on SNI to work, and we noticed that Nginx is not always sending the server name.

Describe the solution you'd like

One example is here: https://github.com/nginx/kubernetes-ingress/blob/main/internal/configs/version2/nginx-plus.virtualserver.tmpl#L230

It would be nice if all proxy_pass / external subrequests set SNI, like it is done here:

proxy_ssl_server_name on; # For SNI to the IdP

Describe alternatives you've considered

None. Workaround is to use IP-addresses in firewalls etc.

Additional context

None.
@anderius anderius added the proposal An issue that proposes a feature request label Feb 28, 2025
@github-actions GitHub Actions
Copy link

Hi @anderius thanks for reporting!

Be sure to check out the docs and the Contributing Guidelines while you wait for a human to take a look at this 🙂

Cheers!

@shaun-nx shaun-nx added the needs triage An issue that needs to be triaged label Mar 12, 2025
@shaun-nx shaun-nx linked a pull request Mar 12, 2025 that will close this issue
Added SNI support for JWT secrets retrieved from HTTPS URL #7500
Open
6 tasks
@shaun-nx shaun-nx added ready for refinement An issue that was triaged and it is ready to be refined and removed needs triage An issue that needs to be triaged labels Mar 24, 2025
@shaun-nx shaun-nx moved this from Todo ☑ to Prioritized backlog in NGINX Ingress Controller Mar 28, 2025
@shaun-nx shaun-nx added the area/security Issues related to security capabilities or concerns label Mar 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/security Issues related to security capabilities or concerns proposal An issue that proposes a feature request ready for refinement An issue that was triaged and it is ready to be refined
Projects
NGINX Ingress Controller
Status: Prioritized backlog
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Added SNI support for JWT secrets retrieved from HTTPS URL fabriziofiorucci/kubernetes-ingress
2 participants
@anderius @shaun-nx