mTLS - Add client cert on outbound

mddev · July 2, 2019, 12:37am

I’ve asked this question on reddit (https://www.reddit.com/r/Traefik/comments/c1vsq1/mtls_between_2_traefik_instances/ ) and slack, but haven’t gotten a response, so trying here.

I want to know if it’s possible to automatically add a client certificate within Traefik.

We want to add mTLS between 2 distinct data centers, without having to alter all of our back-end services. It’s very similar to this discussion: https://github.com/containous/traefik/issues/4260

Is this possible? Will it be easier in V2 than in V1?

jbd · July 2, 2019, 8:27am

Hi mddev,

Thanks for sharing this use case that is very interesting!

You can use the configuration provided in the referenced issue for Traefik v1, but I don’ t recommend it as it is more a hack than a real solution.

We already started the reflection about this subject for the v2, but we need to achieve some steps before adding a clean and efficient solution.

mddev · July 2, 2019, 11:10pm

Thanks for the update jbd. Struggling to find any view of the timeline for the V2 major release, but I’m guessing it will be after we need this functionality, so we might have to go with the V1 hack for now.

Cheers

jbd · July 3, 2019, 8:55am

There is no public timeline of the v2 release at the moment.
See the v2 project to follow progress on the various issues/tasks.