Hello,
In my application, I want to use Fabio in order to forward HTTPS API to a 3rd party BE (MinIO), on a Windows server.
I followed the instructions on this page: https://fabiolb.net/feature/https-tcp-sni-proxy/
I'm running Fabio with the following arguments:
fabio.exe -proxy.addr :443;proto=https+tcp+sni;cs=consul-cs -proxy.cs cs=consul-cs;type=consul;cert=http://localhost:8500/v1/kv/certs/
I used this tag urlprefix-minio.domain.com proto=https for the MinIO registration to Fabio, but Fabio make the request to https://ip:port, so MinIO is sending an error that the certificate doesn't match with the request, because it receives an ip instead of a url.
I'm using Consul as a certificate store and I have a wildcard certificate matching both Fabio and the MinIO's domains.
I know I can use the tlsskipverify option but I prefer to avoid it if possible.
I need somehow to tell Fabio to send its requests with a url.
How can I accomplish that?
Thank you very much
Hello,
In my application, I want to use Fabio in order to forward HTTPS API to a 3rd party BE (MinIO), on a Windows server.
I followed the instructions on this page: https://fabiolb.net/feature/https-tcp-sni-proxy/
I'm running Fabio with the following arguments:
fabio.exe -proxy.addr :443;proto=https+tcp+sni;cs=consul-cs -proxy.cs cs=consul-cs;type=consul;cert=http://localhost:8500/v1/kv/certs/I used this tag
urlprefix-minio.domain.com proto=httpsfor the MinIO registration to Fabio, but Fabio make the request to https://ip:port, so MinIO is sending an error that the certificate doesn't match with the request, because it receives an ip instead of a url.I'm using Consul as a certificate store and I have a wildcard certificate matching both Fabio and the MinIO's domains.
I know I can use the tlsskipverify option but I prefer to avoid it if possible.
I need somehow to tell Fabio to send its requests with a url.
How can I accomplish that?
Thank you very much