Feature Request: SNI based TLS routing with shared IPv4

I would like to host non-http services and provision my own certificates with a shared IPv4 address (on port 443 though others probably need more flexibility here). This currently requires a dedicated IPv4 address due to lack of SNI routing support.

Here is an example of how to do it in go.

Note that I could share a dedicated IPv4 address among apps by running my own SNI proxy but it would be nice if the platform natively supported it.

1 Like

We probably won’t build this, just because it’s relatively niche. Not because it’s not a good idea. :slight_smile:

Are you mostly concerned with saving money on IPs here? I think an app to do your own SNI routing is the way to go.

1 Like

Yeah it mostly boils down to saving money on public IPv4 IPs while terminating TLS at the app instead of the ingress. It is my preferred approach in Kubernetes.