mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-27 06:03:48 +03:00
reverseproxy: Correct the tls_server_name
docs (#4827)
* reverseproxy: Correct the `tls_server_name` docs * Update modules/caddyhttp/reverseproxy/httptransport.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
parent
5e729c1e85
commit
7f9b1f43c9
1 changed files with 12 additions and 5 deletions
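--- a/modules/caddyhttp/reverseproxy/httptransport.go
+++ b/modules/caddyhttp/reverseproxy/httptransport.go
@@ -315,7 +315,14 @@ type TLSConfig struct {
 // The duration to allow a TLS handshake to a server. Default: No timeout.
 HandshakeTimeout caddy.Duration `json:"handshake_timeout,omitempty"`
 
-// The server name (SNI) to use in TLS handshakes.
+// The server name used when verifying the certificate received in the TLS
+// handshake. By default, this will use the upstream address' host part.
+// You only need to override this if your upstream address does not match the
+// certificate the upstream is likely to use. For example if the upstream
+// address is an IP address, then you would need to configure this to the
+// hostname being served by the upstream server. Currently, this does not
+// support placeholders because the TLS config is not provisioned on each
+// connection, so a static value must be used.
 ServerName string `json:"server_name,omitempty"`
 }
 
@@ -386,7 +393,7 @@ func (t TLSConfig) MakeTLSClientConfig(ctx caddy.Context) (*tls.Config, error) {
 cfg.RootCAs = rootPool
 }
 
-// custom SNI
+// override for the server name used verify the TLS handshake
 cfg.ServerName = t.ServerName
 
 // throw all security out the window
@@ -402,16 +409,16 @@ func (t TLSConfig) MakeTLSClientConfig(ctx caddy.Context) (*tls.Config, error) {
 
 // KeepAlive holds configuration pertaining to HTTP Keep-Alive.
 type KeepAlive struct {
-// Whether HTTP Keep-Alive is enabled. Default: true
+// Whether HTTP Keep-Alive is enabled. Default: `true`
 Enabled *bool `json:"enabled,omitempty"`
 
 // How often to probe for liveness. Default: `30s`.
 ProbeInterval caddy.Duration `json:"probe_interval,omitempty"`
 
-// Maximum number of idle connections. Default: 0, which means no limit.
+// Maximum number of idle connections. Default: `0`, which means no limit.
 MaxIdleConns int `json:"max_idle_conns,omitempty"`
 
-// Maximum number of idle connections per host. Default: 32.
+// Maximum number of idle connections per host. Default: `32`.
 MaxIdleConnsPerHost int `json:"max_idle_conns_per_host,omitempty"`
 
 // How long connections should be kept alive when idle. Default: `2m`.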
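Review bot: The rewritten `ServerName` field comment in the first hunk now describes only certificate verification and drops the SNI mention. The second hunk assigns the value to what appears to be a `tls.Config`, whose `ServerName` Go also sends as the SNI extension in the ClientHello unless it is an IP address. Overriding it therefore changes which certificate the upstream selects as well as the name that certificate is checked against, so I would keep that in the doc, e.g. add `// It is also sent as the SNI value in the TLS handshake.` after the first sentence. The inline comment in the second hunk is missing a word and should read `// override for the server name used to verify the TLS handshake`. Both `TLSConfig` and `MakeTLSClientConfig` extend beyond the visible hunks.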