I am trying to do a upstream ssl_handshake using “resty.http” module from inside my plugin.
Using code example from other plugins (http_log):
if parsed_url.scheme == “https” then
local _, err = httpc:ssl_handshake(true, host, false)
if err then
return nil, "failed to do SSL handshake with " …
host … “:” … tostring(port) … ": " … err
end
end
I see handshake initiated with upstream service (in this case tomcat) but it fails because kong does not send it’s certificate chain. I was expecting the ‘client_ssl_cert’ setting to serve as the path to the cert file to send.