Consul ESM HTTP health check by another host

Hi!

I am trying to understand whether it is possible to point a Consul ESM HTTP health check at a different host. In “curl world” it can be done something like this:

curl --connect-to example.service.consul:443:random_id.elb.us-west-2.amazonaws.com:443 https://example.service.consul

Use case:
External applications behind this AWS LB expect HTTP connections with SNI “example.service.consul” in order to terminate TLS properly. example.service.consul can point to different external services (in this case different AWS LBs).

Cheers

Hi @povils

Thanks for your question! As I understand your issue, we currently don’t have a feature in Consul-ESM HTTP health checks that supports configuring SNI for an HTTPS request. Currently, the TLS configuration for HTTP health checks only configures InsecureSkipVerify and unfortunately doesn’t offer configuration for ServerName.

Please go ahead and submit an issue in GitHub for this. Just to flag for you, one potential solution for your use case is a feature to support script checks: https://github.com/hashicorp/consul-esm/issues/42. If you think this feature will be helpful, please add a :+1:.

Hope that was helpful. Let me know if you have any further issues or questions. Thanks!

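For reference, the `curl --connect-to` behaviour from the question, written as a Go HTTP client (Go being the language consul-esm is written in). This is an added example, not part of the thread and not consul-esm code: `pinnedClient` and `probe` are hypothetical names, and a constructed local TLS test server, whose certificate covers `example.com`, stands in for the load balancer. Certificate verification stays enabled, so a server name the certificate does not cover is rejected.

```go
package main

import (
	"context"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"net"
	"net/http"
	"net/http/httptest"
	"time"
)

// pinnedClient (hypothetical helper) dials connectAddr for every request, like
// curl --connect-to, and sends serverName as SNI; the cert is verified against it.
func pinnedClient(connectAddr, serverName string, roots *x509.CertPool) *http.Client {
	d := &net.Dialer{Timeout: 5 * time.Second}
	return &http.Client{Timeout: 10 * time.Second, Transport: &http.Transport{
		DialContext: func(ctx context.Context, network, _ string) (net.Conn, error) {
			return d.DialContext(ctx, network, connectAddr) // ignore the URL's host:port
		},
		TLSClientConfig: &tls.Config{ServerName: serverName, RootCAs: roots, MinVersion: tls.VersionTLS12},
	}}
}

// probe starts a constructed local TLS server standing in for the load balancer
// and returns the status plus the SNI and Host header that server observed.
func probe(serverName string) (string, error) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "sni=%s host=%s", r.TLS.ServerName, r.Host)
	}))
	defer srv.Close()
	roots := x509.NewCertPool()
	roots.AddCert(srv.Certificate()) // trust only the test server's certificate
	client := pinnedClient(srv.Listener.Addr().String(), serverName, roots)
	resp, err := client.Get("https://" + serverName + "/health")
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return fmt.Sprintf("%d %s", resp.StatusCode, body), err
}

func main() {
	fmt.Println(probe("example.com"))            // name covered by the test certificate
	fmt.Println(probe("example.service.consul")) // not covered: verification error
}
```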