Re: Passthrough and insecure route

2017-04-20 Thread Philippe Lafoucrière 
Hmm, tested with OS 1.4.1:

Route "https" is invalid: spec.tls.insecureEdgeTerminationPolicy: Invalid
value: "Redirect": InsecureEdgeTerminationPolicy is only allowed for
edge-terminated routes

but the doc (
https://docs.openshift.com/container-platform/3.4/architecture/core_concepts/routes.html)
is telling the same as you:

"passthrough routes can also have an insecureEdgeTerminationPolicy the only
valid values are None or empty (for disabled) or Redirect."

​Any idea? :(

Thanks
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Passthrough and insecure route

2017-04-19 Thread Philippe Lafoucrière 
On Wed, Apr 19, 2017 at 2:35 PM, Clayton Coleman 
wrote:

> 1.4 added the ability to specify insecureEdgeTerminationPolicy for
> passthrough


Good, thanks :)
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Passthrough and insecure route

2017-04-19 Thread Clayton Coleman 
1.4 added the ability to specify insecureEdgeTerminationPolicy for
passthrough.

On Wed, Apr 19, 2017 at 2:31 PM, Philippe Lafoucrière <
philippe.lafoucri...@tech-angels.com> wrote:

> Hi,
>
> It seem impossible to register a route with both "passthrough" tls
> termination and standard http.
> The "insecure" route is being rejected because the https route already
> exposes the same host.
> Is there a reason for that?
> I'm using passthrough because the underlying service has its own ssl certs
> and routing, but that should not block a route to hit another non-https
> port.
> Please note I'm using OS 1.3
>
> Thanks,
> Philippe
>
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Passthrough and insecure route

2017-04-19 Thread Philippe Lafoucrière 
Hi,

It seem impossible to register a route with both "passthrough" tls
termination and standard http.
The "insecure" route is being rejected because the https route already
exposes the same host.
Is there a reason for that?
I'm using passthrough because the underlying service has its own ssl certs
and routing, but that should not block a route to hit another non-https
port.
Please note I'm using OS 1.3

Thanks,
Philippe
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users