github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

docs: document behaviour of tls.https.verify_outgoing 

At first it's not clear what verify_outgoing would do for the https
listener as it seems like Consul agent's don't make https requests. Upon
further investigation, it's clear that Consul agents do make https
requests in the following scenarios:
- to implement watches
- to perform checks

In the first scenario, this setting is used here:
a1c8d4dd19/agent/config/runtime.go (L1725)

In the second scenario, it's actually the internal_rpc setting that is
used:
a1c8d4dd19/tlsutil/config.go (L903)
pull/20555/head
Luke Kysow 2024-02-08 14:37:36 -08:00
parent a1c8d4dd19
commit ded3c9fa12
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
website/content/docs/agent/config/config-files.mdx
View File

@ -2153,7 +2153,8 @@ specially crafted certificate signed by the CA can be used to gain full access t
will not make use of TLS for outgoing connections. This applies to clients will not make use of TLS for outgoing connections. This applies to clients
and servers as both will make outgoing connections. This setting does not and servers as both will make outgoing connections. This setting does not
apply to the gRPC interface as Consul makes no outgoing connections on this apply to the gRPC interface as Consul makes no outgoing connections on this
interface. interface. If set to true for the HTTPS interface, this will apply to [watches](/consul/docs/dynamic-app-config/watches)
because internally watches are implemented by making HTTPS requests to the local agent.
- `grpc` ((#tls_grpc)) Provides settings for the gRPC/xDS interface. To enable - `grpc` ((#tls_grpc)) Provides settings for the gRPC/xDS interface. To enable
the gRPC interface you must define a port via [`ports.grpc_tls`](#grpc_tls_port). the gRPC interface you must define a port via [`ports.grpc_tls`](#grpc_tls_port).