WE DO NOT ADVISE CONSUMING THIS RELEASE. PLEASE SKIP TO THE NEXT RELEASE, `0.216.0`, FOR THE BEST EXPERIENCE.

Release Highlights

⚠️ Foundation TLS certificates require Subject Alternative Names (SANs)

Certificates used by the foundation to serve TLS traffic, either by gorouter directly or via a Load Balancer in front of the foundation, now must include at least one Subject Alternative Name due to a deprecation in golang 1.15.

For more information on the context of this change, to understand how the problem presents itself, and what operators need to do, please refer to the golang 1.15 X.509 CommonName deprecation doc.

🐞 Fix: Allow X-Forwarded-Client-Cert header to reach apps in ALWAYS_FORWARD mode

This fix allows the X-Forwarded-Client-Cert header to reach apps behind route services when Gorouter router.forwarded_client_cert is set to ALWAYS_FORWARD.
For more information, see:

GitHub issue #203
Pr #281
Thank you @46bit for the contribution!

cloudfoundry/routing-release 0.215.0
on GitHub

WE DO NOT ADVISE CONSUMING THIS RELEASE. PLEASE SKIP TO THE NEXT RELEASE, `0.216.0`, FOR THE BEST EXPERIENCE.

Release Highlights

⚠️ Foundation TLS certificates require Subject Alternative Names (SANs)

🐞 Fix: Allow X-Forwarded-Client-Cert header to reach apps in ALWAYS_FORWARD mode

✨ Built with golang 1.16.5

cloudfoundry/routing-release 0.215.0 on GitHub

WE DO NOT ADVISE CONSUMING THIS RELEASE. PLEASE SKIP TO THE NEXT RELEASE, 0.216.0, FOR THE BEST EXPERIENCE.

Release Highlights

⚠️ Foundation TLS certificates require Subject Alternative Names (SANs)

🐞 Fix: Allow X-Forwarded-Client-Cert header to reach apps in ALWAYS_FORWARD mode

✨ Built with golang 1.16.5

cloudfoundry/routing-release 0.215.0
on GitHub

WE DO NOT ADVISE CONSUMING THIS RELEASE. PLEASE SKIP TO THE NEXT RELEASE, `0.216.0`, FOR THE BEST EXPERIENCE.