Testing and defining support HTTPS for MCP Server backends

[david-martin]

Jira: https://issues.redhat.com/browse/CONNLINK-813

Although there is provision for using a protocol of https in an MCP server endpoint config (

mcp-gateway/pkg/controller/mcpserver_controller.go

Line 523 in 9a1f463

endpoint := fmt.Sprintf("%s://%s%s", protocol, nameAndEndpoint, path)

), this hasn't been tested and verified as working.

Also, there is no provision for adding a custom CA, or allowing insecure servers for development, when connecting to a HTTPS enabled MPC Server.

In general, the story for HTTPS MCP Servers 'in cluster' is not well defined.

We should look to support HTTPS servers, and add e2e tests for them.
It should be possible for users to configure the MCP Gateway (i.e. the mcp-broker) with a CA for use when doing an init/tool list with backend MCP Servers.
We should also consider supporting an insecure flag in the MCPServer resource, mainly for development.

For tool calls, this shouldn't be a concern as requests don't hit the broker, only the router.
For that scenario, the https configuration should be handled at the Gateway & HTTPRoute, possibly via BackendTLSPolicy.

[jasonmadigan]

Have done the initial part of this issue, checking that HTTPS backend MCP servers in cluster actually work with the broker (was untested - they work fine).

Some steps for others if we need to verify again:

MCP Gateway and in-cluster, HTTPS backends

Verifies that the MCP broker works end-to-end over TLS: client connects via HTTPS, initialises a session, lists federated tools, and calls a tool routed. I tested with a Prow cluser (which uses a real LE cert on a ROSA cluster).

Setup & Deploy

bash config/openshift/deploy_openshift.sh

# test servers
kubectl apply -k config/test-servers/
kubectl get deploy -n mcp-test -o name | while read d; do
  name=$(kubectl get "$d" -n mcp-test -o jsonpath='{.spec.template.spec.containers[0].name}')
  kubectl patch "$d" -n mcp-test -p "{\"spec\":{\"template\":{\"spec\":{\"containers\":[{\"name\":\"$name\",\"imagePullPolicy\":\"IfNotPresent\"}]}}}}"
done
kubectl wait --for=condition=Available deployment -n mcp-test --all --timeout=120s
kubectl apply -f config/samples/mcpserverregistration-test-servers-base.yaml

# broker HTTPRoute (not created by Helm chart)
MCP_HOST="mcp.apps.$(oc get dns cluster -o jsonpath='{.spec.baseDomain}')"
cat <<EOF | kubectl apply -f -
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: mcp-broker-route
  namespace: mcp-system
spec:
  parentRefs:
    - name: mcp-gateway
      namespace: gateway-system
      sectionName: mcp
  hostnames:
    - $MCP_HOST
  rules:
    - matches:
        - path:
            type: PathPrefix
            value: /mcp
      backendRefs:
        - name: mcp-gateway-broker
          port: 8080
    - matches:
        - path:
            type: PathPrefix
            value: /.well-known/oauth-protected-resource
      backendRefs:
        - name: mcp-gateway-broker
          port: 8080
EOF

# wait for tool discovery
kubectl wait --for=condition=Ready mcpserverregistrations -n mcp-test --all --timeout=60s

Verify

MCP_HOST="mcp.apps.$(oc get dns cluster -o jsonpath='{.spec.baseDomain}')"
kubectl get mcpserverregistrations -n mcp-test

NAME           PREFIX   TARGET              PATH   READY   TOOLS   CREDENTIALS   AGE
test-server1   test1_   mcp-server1-route   /mcp   True    5                     11m
test-server2   test2_   mcp-server2-route   /mcp   True    5                     11m

# initialize
SESSION=$(curl -s -X POST "https://${MCP_HOST}/mcp" \
  -H 'Content-Type: application/json' -H 'Accept: application/json' \
  -d '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-03-26","capabilities":{},"clientInfo":{"name":"test","version":"1.0"}}}' \
  -D - -o /dev/null 2>/dev/null | grep mcp-session-id | tr -d '\r' | cut -d' ' -f2)
echo "Session: $SESSION"

Session: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

# tools/list
curl -s -X POST "https://${MCP_HOST}/mcp" \
  -H 'Content-Type: application/json' -H 'Accept: application/json' \
  -H "mcp-session-id: $SESSION" \
  -d '{"jsonrpc":"2.0","id":2,"method":"tools/list"}'

{"jsonrpc":"2.0","id":2,"result":{"tools":[
  {"name":"test1_add_tool","description":"dynamically add a new tool ..."},
  {"name":"test1_greet","description":"say hi",...},
  {"name":"test1_headers",...},
  {"name":"test1_slow",...},
  {"name":"test1_time",...},
  {"name":"test2_auth1234",...},
  {"name":"test2_headers",...},
  {"name":"test2_hello_world",...},
  {"name":"test2_slow",...},
  {"name":"test2_time",...}
]}}

# tools/call
curl -s -X POST "https://${MCP_HOST}/mcp" \
  -H 'Content-Type: application/json' -H 'Accept: application/json, text/event-stream' \
  -H "mcp-session-id: $SESSION" \
  -d '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"test1_greet","arguments":{"name":"OpenShift"}}}'

event: message
id: 3_0
data: {"jsonrpc":"2.0","id":3,"result":{"content":[{"type":"text","text":"Hi OpenShift"}],"structuredContent":{}}}

[jasonmadigan]

Follow up issues:

• E2E tests for HTTPS MCP server backends #477
  • Could alter the scope of this to also include testing of "on-cluster" HTTPS MCP servers?
• Custom TLS configuration for broker-to-backend connections #659