Just wondering if anyone else run into this, or on the flip side - has had success with active healthchecks for upstreams, where they can go from unhealthy to healthy / and back again? Currently I’m having to manually get things back to healthy if a target has gone unhealthy, active checks aren’t detecting things properly.
after investigating ive found that i hit one particular weird scenario. All normal scenarios are working
if the target requires a client cert and the best status you can get back is http 400…
eg if the nginx test service has something like
listen 8443 ssl;
ssl_client_certificate /etc/nginx/certs/client_ca.crt; ssl_verify_client on; ssl_verify_depth 2;
And the way around it is to add 400s to the healthy statuses list eg