AlinsRan opened a new issue, #8391: URL: https://github.com/apache/apisix/issues/8391
### Description ## Describe There will be a large number of paths in the gateway, and I hope to perform mTLS authentication on the specified path to protect this path. This needs to be supported by mTLS at the route level, and mTLS mutual authentication can be performed on the specified route. Assuming there are two routes: 1. `/protect/*` HTTPS and mTLS 2. `/public/*` HTTPS In fact, since the mTLS of APISIX cannot work on the route, when accessing different routes with the same SNI, you cannot authenticate the mTLS and TLS at the same time. `/public/*` still uses the mTLS. ## Example ```sh # URL: /protect/post # Expect: HTTPS + mTLS # Actual: HTTPS + mTLS curl --resolve 'httpbin.com:9443:127.0.0.1' https://gateway/protect/post -k --cert ./client.pem --key ./client.key # URL: /public/get # Expect: HTTPS # Actual: HTTPS + mTLS curl --resolve 'httpbin.com:9443:127.0.0.1' https://gateway/public/get -k ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
