Q. How to Pass through SSL termination?

Hi there,

I am trying to pass through three backends used for Kubernetes admin for kubectl. These are just SSL backends with self assigned certs (on the backend) which you must use to connect. If I can just get pass-through working so it does nothing, it should work fine.

I have gone through the docs and also Google but can't seem to find a way. I highly suspect it should be possible with Caddy, but I am coming up short.

I have tried various ways to pass it through without success because the external cert is stepping in and breaking auth. I have also tried switching off TLS but then it won't respond at all. Below is my latest attempt.


  import ../headers.inc
  import ../common.inc

  tls {
    dns cloudflare
    wildcard
  }

# ------ Kubernetes ------

  # Backend (k8s)
  proxy / https://node01-k8s.example.work:6443, https://node02-k8s.example.work:6443, https://node03-k8s.example.work:6443  {
    policy first
    health_check /healthz
    insecure_skip_verify
    transparent
    websocket
  }
    }

Does anyone have an idea or clue how this can be done? I would be really grateful for any tips/suggestions.

Kind Regards,

Majestic

Just trying to make sure I’m on the same page, you want Caddy to not terminate SSL and pass through the TCP connection directly to the upstream server so it can present its own SSL certificate to the connecting client?
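
The pass-through behaviour described in the reply above, as an added example that is not part of the original thread or Caddy's own code: a Go TCP relay that forwards bytes without terminating TLS, plus a check that a client connecting through it is presented with the backend's own certificate. The names `relay` and `BackendCertSeenThroughRelay` and the loopback test backend are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"io"
	"net"
	"net/http"
	"net/http/httptest"
)

// relay copies raw bytes both ways; it never parses TLS and holds no key.
func relay(ln net.Listener, upstream string) {
	for {
		client, err := ln.Accept()
		if err != nil {
			return // listener closed
		}
		go func() {
			defer client.Close()
			if backend, err := net.Dial("tcp", upstream); err == nil {
				defer backend.Close()
				go io.Copy(backend, client)
				io.Copy(client, backend)
			}
		}()
	}
}

// BackendCertSeenThroughRelay reports whether the relay leaves the backend's certificate intact.
func BackendCertSeenThroughRelay() (bool, error) {
	backend := httptest.NewTLSServer(http.NotFoundHandler()) // constructed backend
	defer backend.Close()
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return false, err
	}
	defer ln.Close()
	go relay(ln, backend.Listener.Addr().String())
	// backend.Client() trusts only the backend's own certificate.
	resp, err := backend.Client().Get("https://" + ln.Addr().String() + "/")
	if err != nil {
		return false, err
	}
	defer resp.Body.Close()
	return resp.TLS.PeerCertificates[0].Equal(backend.Certificate()), nil
}

func main() {
	fmt.Println(BackendCertSeenThroughRelay())
}
```

Because the relay never holds a key, certificate verification and any client-certificate authentication remain end to end between the client and the backend.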
