consul
consul copied to clipboard
hashicorp
Backport of docs: document behaviour of tls.https.verify_outgoing into release/1.12.x
Backport
This PR is auto-generated from #20555 to be assessed for backporting due to the inclusion of the label backport/1.12.
The below text is copied from the body of the original PR.
At first it's not clear what verify_outgoing would do for the https listener as it seems like Consul agent's don't make https requests. Upon further investigation, it's clear that Consul agents do make https requests in the following scenarios:
- to implement watches
- to perform checks
In the first scenario, this setting is used here: https://github.com/hashicorp/consul/blob/a1c8d4dd19caad13edf2d86441d1b7f9bbdc9c34/agent/config/runtime.go#L1725
In the second scenario, it's actually the internal_rpc setting that is used: https://github.com/hashicorp/consul/blob/a1c8d4dd19caad13edf2d86441d1b7f9bbdc9c34/tlsutil/config.go#L903
Overview of commits
- ded3c9fa120058b1277f0407eae850a2b171c63a - f6ce7c35294889f1e3d17e448a59adfca95a89c4
🤔 This PR has changes in the website/ directory but does not have a type/docs-cherrypick label. If the changes are for the next version, this can be ignored. If they are updates to current docs, attach the label to auto cherrypick to the stable-website branch after merging.
This pull request has been automatically flagged for inactivity because it has not been acted upon in the last 60 days. It will be closed if no new activity occurs in the next 30 days. Please feel free to re-open to resurrect the change if you feel this has happened by mistake. Thank you for your contributions.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
