emissary icon indicating copy to clipboard operation
emissary copied to clipboard

Published 20 hours ago verified publisher icon emissary-ingress

Feature Request - TLS Support for TracingService

Open eanveden opened this issue 1 year ago • 1 comments

Please describe your use case / problem. Our organization has a strict compliance requirement that mandate all end-to-end communications with services to be conducted over HTTPS. Presently, we utilize cluster-wide OTLP collectors exposing trace endpoints over TLS. However, there is currently no way to customize TracingService for exporting traces using TLS.

Describe the solution you'd like An additional field under TracingService that supports TLS. Something similar to

tls:
  ca_file: /some/path/trusted-ca.crt
  cert_file: /some/path/tls.crt
  key_file: /some/path/tls.key
service:
driver:
config: 
custom_tags:
tag_headers: 
propagation_modes:

Describe alternatives you've considered Haven't been able to come up with anything unfortunately. Putting a proxy to handle the TLS negotiation wouldn't be a viable alternative since we require E2E TLS.

eanveden avatar Dec 28 '23 17:12 eanveden

Hello, can we please get some traction on this so we can remain TLS compliant within our organization?

MikeKlebolt avatar Jan 11 '24 19:01 MikeKlebolt