Skip to content

Add SNI for JWT policy #7427

New issue
New issue
Open
#7500
Open
Add SNI for JWT policy#7427
#7500
Labels
area/securityIssues related to security capabilities or concernsproposalAn issue that proposes a feature requestready for refinementAn issue that was triaged and it is ready to be refined
@anderius

Description

@anderius
anderius
opened on Feb 28, 2025

Is your feature request related to a problem? Please describe.

Network rules often rely on SNI to work, and we noticed that Nginx is not always sending the server name.

Describe the solution you'd like

One example is here: https://github.com/nginx/kubernetes-ingress/blob/main/internal/configs/version2/nginx-plus.virtualserver.tmpl#L230

It would be nice if all proxy_pass / external subrequests set SNI, like it is done here:

proxy_ssl_server_name on; # For SNI to the IdP

Describe alternatives you've considered

None. Workaround is to use IP-addresses in firewalls etc.

Additional context

None.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/securityIssues related to security capabilities or concernsproposalAn issue that proposes a feature requestready for refinementAn issue that was triaged and it is ready to be refined

    Type

    No type

    Projects

    NGINX Ingress Controller

    Status

    Prioritized backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions