问题描述
我正在努力在需要相互SSL/TLS(服务器和客户端证书)的GCP上部署API解决方案.因此对于流量的进入(入口点),我发现kubernetes入口控制器具有这种可能性(基于NGINX).我对具有ESP(可扩展服务代理,也是kubernetes下的nginx部署)的云端点感兴趣.
I am working on deploying an API solution on GCP where mutual SSL/TLS is required (server and client side certificates). So for the ingress of the traffic (entry point) I found that kubernetes ingress controller has this possibility (NGINX based). I am interested by cloud endpoints which has ESP (extensible service proxy which is also nginx deployment under kubernetes).
我在文档的任何地方都找不到ESP(云端点)是否可以使用相互SSL/TLS,有人知道这个答案吗?
I couldn't find anywhere in the documentation whether mutual SSL/TLS is available for ESP (cloud endpoint), does anyone know the answer for this ?
推荐答案
ESP支持mTLS.您可以在此处指定证书文件
ESP supports mTLS. You can specify the certificates files here
proxy_ssl_certificate /etc/nginx/ssl/backend.crt;
proxy_ssl_certificate_key /etc/nginx/ssl/backend.key;
以下是其nginx 配置
Here is its nginx config
这篇关于Google云平台Cloud Endpoint SSL/TLS相互握手ESP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!