Skip to main content

TLS Upstream Allow Renegotiation

  • Config File Key: tls_upstream_allow_renegotiation
  • Type: bool
  • Default: false

TLS Upstream Allow Renegotiation controls whether server-initiated TLS renegotiation is allowed for upstream servers. For more details, see Envoy's documentation on allow_renegotiation.


TLS renegotiation is considered insecure and shouldn’t be used unless absolutely necessary.