Jan Larwig

Damn I totally forgot extending and testing this one

Please have a look at codeclimate: https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/pull/1985 1. Function listenOnFD has 6 return statements (exceeds 4 allowed). 2. Method server.setupListener has 5 return statements (exceeds 4 allowed). @JoelSpeed I was...

> This looks like it might be addressed with #2237? The issue is those certificates are meant to be used for the providers only and yes extending the system trust...

Hi @emsixteeen, that is exactly my point. I don't think #2237 would be of any help for upstreams. Either we will need a new implementation for a config flag `upstreams-ca`...

We decide to keep the upstream and provider CAs separate. Therefore, we will need to introduce a new config field `upstreamCA`

Hi @ethanchowell, I'll try to do a review soon.

@ethanchowell thanks for all the effort you put into keeping the PR up to date. I'll try to find some time this week to test the feature.

I get why this would be quite useful for some setups but unfortunately I have to agree with Joel here. We currently face a lot of feature creep and therefore...

@Hronom if you really need this feature you can always build a custom version of oauth2-proxy. If you need any help with that. Hit me up on slack.

@Hronom thanks a lot for the detailed guide. I'll try to check it out beginning of next year.