This section describes the supported HTTP authentication methods that allow Secretless to proxy HTTP requests.


Each socket on which Secretless is configured to listen can proxy requests to only one HTTP backend. Secretless does not currently support proxying to multiple HTTP backends using a single socket. For details on configuring multiple HTTP service connectors, see Secretlesss Configuration.

Manage server certificates

If any target service in your Secretless configuration uses self-signed certificates, Secretless needs to be configured with the root certificate authority (CA) certificate of the target service in order to verify the server certificates when proxying requests. To do this, ensure the following variable is set in the Secretless environment:




The path to a bundle of CA certificates. The bundle is appended to the certificate pool Secretless uses for server certificate verification of all HTTP service connectors.

Known issues

Secretless does not currently support passing the following HTTP headers from the client to the server:

  • Proxy-Connection
  • Proxy-Authenticate
  • Proxy-Authorization