Authenticated origin pulls with Kubernetes & Traefik

Hi,

i try to setup authenticated origin pulls with Kubernetes & Traefik.
mTLS Setup is working on traefik but i don’t get cloudflare to use the Client-Certificate.

My current configuration:

https://api.cloudflare.com/client/v4/zones/<<ZONE>>/origin_tls_client_auth/settings:

{
    "success": true,
    "errors": [],
    "messages": [],
    "result": {
        "enabled": true
    }
}

But when i do a request i geht following error in the traefik log:

time="2021-12-31T12:02:00Z" level=debug msg="Serving default certificate for request: \"<<HOST_NAME>>\""
time="2021-12-31T12:02:00Z" level=debug msg="http: TLS handshake error from 10.10.16.4:38577: tls: client didn't provide a certificate"
time="2021-12-31T12:02:01Z" level=debug msg="Serving default certificate for request: \"<<HOST_NAME>>\""
time="2021-12-31T12:02:01Z" level=debug msg="http: TLS handshake error from 10.10.16.4:45631: tls: client didn't provide a certificate"

Direct request by-passing cloudflare is working with postman & client-certificate:

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.