kong icon indicating copy to clipboard operation
kong copied to clipboard
Published 1 week ago verified publisher icon Kong

feat(acme): add enable_ipv4_common_name option

Open zekth opened this issue 3 years ago • 1 comments

Summary

Add enable_ipv4_common_name option to allow or deny ipv4 common names certificates. On certificate or access if the option is disabled the request is rejected, so the ACME challenge is not triggered.

This has been done on a custom plugin in Konnect to fix some gateway listening with wildcard host.

Full changelog

  • Add enable_ipv4_common_name in schema
  • Add check_domains logic
  • Add ip v4 access challenge test

cc @fffonion

zekth avatar Aug 02 '22 12:08 zekth

This PR looks good to me. Just to know we are in feature freeze for 3.0, so I will hold merge.

fffonion avatar Aug 03 '22 05:08 fffonion

This PR looks good to me. Just to know we are in feature freeze for 3.0, so I will hold merge.

Should this be ported to 2.X too?

zekth avatar Aug 23 '22 10:08 zekth