TLS Downstream Server Name
Summary
TLS Downstream Server Name overrides the hostname specified in the from field. When a connection to Pomerium is made via TLS the tls_downstream_server_name will be used as the expected Server Name Indication, whereas the host part of the from field, will be expected to match the Host or :authority headers of the HTTP request.
How to configure
- Core
- Enterprise
- Kubernetes
| Config file keys | Environment variables | Type | Usage |
|---|---|---|---|
tls_downstream_server_name | TLS_DOWNSTREAM_SERVER_NAME | string | optional |
Set TLS Downstream Server Name in the Console:
Kubernetes does not support tls_downstream_server_name