Section – Allowed Network Endpoints
Hostname | The FQDN hostname or IPv4/IPv6 address of the external server. |
Port | Port of the service on the allowed host endpoint. |
Usage
By default, Airlock Gateway refuses connections to arbitrary hosts on the internet. Hosts can be added to the allowlist with hostname and port to the list of allowed network endpoints.
Endpoints can be required for multiple reasons such as:
- For dynamic certificate validation over external OCSP hosts.
- OCSP stapling of server certificates (see also: Tab – SSL).
- OCSP validation of client certificates (see also: Tab - Client Certificates).
- As proxy for Let’s Encrypt as certificate provider. Note that this requires MDHttpProxy settings in the Apache Expert Settings.