gloo icon indicating copy to clipboard operation
gloo copied to clipboard

Published 20 hours ago verified publisher icon solo-io

TLS handshake failure when using isolateVirtualHostsBySslConfig=true property

Open avizov opened this issue 3 years ago • 3 comments

Gloo Edge Version

1.11.x (latest stable)

Kubernetes Version

1.22.x

Describe the bug

Using the "isolateVirtualHostsBySslConfig" option together with hybrid gateways and matchable gateways leads to tls handshake failures. In the envoy configuration dump we saw that all the filter chains were duplicated for all sni domains (appears twice). After enabling this option, we saw that the tls inspector filter was added.

Steps to reproduce the bug

configure environment as described above

Expected Behavior

ssl handshake should work

Additional Context

No response

avizov avatar Jul 05 '22 12:07 avizov

relates to these PRs:

  1. https://github.com/solo-io/gloo/pull/6637
  2. https://github.com/solo-io/gloo/pull/6622

avizov avatar Jul 05 '22 12:07 avizov

Follow up bug to https://github.com/solo-io/gloo/issues/2534

chrisgaun avatar Jul 19 '22 13:07 chrisgaun

@sam-heilbron should this be closed?

nrjpoddar avatar Jul 28 '22 12:07 nrjpoddar

the newest addition to this feature (helm chart updates) has been released with gloo EE v1.11.39

gunnar-solo avatar Sep 07 '22 15:09 gunnar-solo