Skip to content

feat: Add new_mtls for HttpProxy #784

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
cachpachios wants to merge 1 commit into from
Closed

feat: Add new_mtls for HttpProxy #784

cachpachios wants to merge 1 commit into from
+11 −0

Conversation

@cachpachios
Copy link
Contributor

@cachpachios cachpachios commented Jan 3, 2026
edited
Loading

Tiny fix to resolve #783

We expose a new_mtls method for creating a HttpProxy with a client_cert_key to enable mTLS peers.

AFAIK there is currently no other way to set or modify the client_cert_key field. So that small change enables to actually use mTLS HttpPeers, even if the foundations (with the field) been there for a while...

This works well for my own usecase!

Let me know if anyone prefers another approach, i.e a public setter instead of constructor. Or just a different name.
Also, looking at some previous commits it doesnt feel like this sort of changes requires tests to be written. But let me know if thats a wrong assumption.

For anyone looking to use mTLS with a self signed server certificate will you need to modify the PeerOptions too.
Here is an example from my own project:

let mut peer = Box::new(HttpPeer::new_mtls(
    target.address.to_string(),
    target.sni.clone(),
    target.client_cert.clone(),
));
let peer_options = peer.get_mut_peer_options().unwrap();
peer_options.ca = Some(target.ca.clone());

@cachpachios
feat: Add new_mtls for HttpProxy
d71251e 
Exposes a new_mtls method for creating a HttpProxy with a client_cert_key to enable mtls peers.
@cachpachios cachpachios mentioned this pull request Jan 4, 2026
Closed
@johnhurt johnhurt added the enhancement New feature or request label Jan 9, 2026
Noah-Kennedy pushed a commit that referenced this pull request Jan 16, 2026
@cachpachios @andrewhavck
feat: Add new_mtls for HttpProxy
2b8e0a7 
Exposes a new_mtls method for creating a HttpProxy with a client_cert_key to enable mtls peers.

Includes-commit: d71251e
Replicated-from: #784
Noah-Kennedy pushed a commit that referenced this pull request Jan 16, 2026
@cachpachios @Noah-Kennedy
feat: Add new_mtls for HttpProxy
9563115 
Exposes a new_mtls method for creating a HttpProxy with a client_cert_key to enable mtls peers.

Includes-commit: d71251e
Replicated-from: #784
Noah-Kennedy pushed a commit that referenced this pull request Jan 16, 2026
@cachpachios @Noah-Kennedy
feat: Add new_mtls for HttpProxy
ad449bf 
Exposes a new_mtls method for creating a HttpProxy with a client_cert_key to enable mtls peers.

Includes-commit: d71251e
Replicated-from: #784
@andrewhavck andrewhavck added the Accepted This change is accepted by us and merged to our internal repo label Jan 16, 2026
@andrewhavck
Copy link
Collaborator

andrewhavck commented Jan 16, 2026

This landed in our sync today, thank you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@gdavidsson gdavidsson

Labels

Accepted This change is accepted by us and merged to our internal repo enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unable to set client_cert_key for mTLS for HttpPeer

4 participants

@cachpachios @andrewhavck @gdavidsson @johnhurt