| Can you describe your use-case? If you are talking about the ability to select a certificate on the fly via `ssl_certificate_by_lua_block`[1] we are not aware of such functionality. If you are missing something, I would highly encourage you discuss it with the community on a github! From Oleg Guba, Traffic Team TL, co-author, and person driving the deployment: * ListenerFilters + NetworkFilters are flexible enough, that some of the custom logic could be just moved to the config. From Ruslan Nigmatullin, our head Envoy developer: If you are talking more about a custom verification code there is already couple of ways to do that: * Client TLS auth Network Filter: https://www.envoyproxy.io/docs/envoy/latest/configuration/li... * Alternatively, if you are writing C++ extension you can use Network::ReadFilter, Network::ConnectionCallbacks. [1] https://github.com/openresty/lua-nginx-module#ssl_certificat...
[2] https://github.com/openresty/lua-resty-core/blob/master/lib/... |
You don’t just load up a million cents as files and restart the server (though I do know a company that does something like this, but man, quite brittle).