Pomerium v0.26 is here with performance improvements and bug fixes!
Highlights include:
Enterprise:
PPL builder can verify client certificate's Subject Alternative Name (SAN) based on additional criteria
mTLS enforcement mode can require trusted client certificates
External data sources can now be keyed based on client certificate fingerprint
PPL supports numerical comparison operators when using external data sources
We’ve added print() support to help write custom Rego policies
Core:
Routes can now be configured to return a static HTTP response.
It is now possible to chain TCP connections over multiple proxy hops.
Host header rewriting is now more consistent and predictable.
We’ve updated the way Pomerium refreshes OAuth access tokens in order to improve reliability.
Please view the Core and Enterprise changelogs for more information and make sure to address any necessary changes to your configuration before upgrading.
Big thank you to all our users, and to everyone who contributed to this release!
Best,
Pomerium Team