istio: Index | Files

package auth

import ""


Package Files


type CertificateValidationContext Uses

type CertificateValidationContext struct {
    // TLS certificate data containing certificate authority certificates to use in verifying
    // a presented peer certificate (e.g. server certificate for clusters or client certificate
    // for listeners).
    TrustedCa *DataSource `json:"trusted_ca,omitempty"`
    // An optional list of Subject Alternative Names. If specified, Envoy will verify that the
    // Subject Alternative Name of the presented certificate matches one of the specified values.
    VerifySubjectAltName []string `json:"verify_subject_alt_name,omitempty"`

type CommonTLSContext Uses

type CommonTLSContext struct {
    // Only a single TLS certificate is supported in client contexts.
    TLSCertificates []*TLSCertificate `json:"tls_certificates,omitempty"`
    //How to validate peer certificates
    ValidationContext *CertificateValidationContext `json:"validation_context,omitempty"`
    // Supplies the list of ALPN protocols that the listener should expose.
    AlpnProtocols []string `json:"alpn_protocols,omitempty"`

TLS context shared by both client and server TLS contexts.

type DataSource Uses

type DataSource struct {
    // Only support Filename:
    Filename string `json:"filename,omitempty"`

Data source consisting of a file.

type TLSCertificate Uses

type TLSCertificate struct {
    // The TLS certificate chain.
    CertificateChain *DataSource `json:"certificate_chain,omitempty"`
    // The TLS private key.
    PrivateKey *DataSource `json:"private_key,omitempty"`

type UpstreamTLSContext Uses

type UpstreamTLSContext struct {
    // Common TLS context settings.
    CommonTLSContext *CommonTLSContext `json:"common_tls_context,omitempty"`
    // SNI string to use when creating TLS backend connections.
    Sni string `json:"sni,omitempty"`

Package auth is imported by 2 packages. Updated 2019-08-20. Refresh now. Tools for package owners.