diff --git a/internal/mode/static/nginx/config/servers_template.go b/internal/mode/static/nginx/config/servers_template.go index d4ad02220..cbbc36f19 100644 --- a/internal/mode/static/nginx/config/servers_template.go +++ b/internal/mode/static/nginx/config/servers_template.go @@ -60,6 +60,7 @@ server { {{ $proxyOrGRPC }}_pass {{ $l.ProxyPass }}; proxy_http_version 1.1; {{- if $l.ProxySSLVerify }} + {{ $proxyOrGRPC }}_ssl_server_name on; {{ $proxyOrGRPC }}_ssl_verify on; {{ $proxyOrGRPC }}_ssl_name {{ $l.ProxySSLVerify.Name }}; {{ $proxyOrGRPC }}_ssl_trusted_certificate {{ $l.ProxySSLVerify.TrustedCertificate }}; diff --git a/internal/mode/static/nginx/config/servers_test.go b/internal/mode/static/nginx/config/servers_test.go index 990a3a4c5..163b5becc 100644 --- a/internal/mode/static/nginx/config/servers_test.go +++ b/internal/mode/static/nginx/config/servers_test.go @@ -48,6 +48,32 @@ func TestExecuteServers(t *testing.T) { KeyPairID: "test-keypair", }, Port: 8443, + PathRules: []dataplane.PathRule{ + { + Path: "/", + PathType: dataplane.PathTypePrefix, + MatchRules: []dataplane.MatchRule{ + { + Match: dataplane.Match{}, + BackendGroup: dataplane.BackendGroup{ + Source: types.NamespacedName{Namespace: "test", Name: "route1"}, + RuleIdx: 0, + Backends: []dataplane.Backend{ + { + UpstreamName: "test_foo_443", + Valid: true, + Weight: 1, + VerifyTLS: &dataplane.VerifyTLS{ + CertBundleID: "test-foo", + Hostname: "test-foo.example.com", + }, + }, + }, + }, + }, + }, + }, + }, }, }, } @@ -61,6 +87,7 @@ func TestExecuteServers(t *testing.T) { "server_name cafe.example.com;": 2, "ssl_certificate /etc/nginx/secrets/test-keypair.pem;": 2, "ssl_certificate_key /etc/nginx/secrets/test-keypair.pem;": 2, + "proxy_ssl_server_name on;": 1, } g := NewWithT(t) serverResults := executeServers(conf)