public static interface DestinationRuleOuterClass.ClientTLSSettingsOrBuilder
extends com.google.protobuf.MessageOrBuilder
| 限定符和类型 | 方法和说明 |
|---|---|
String |
getCaCertificates()
OPTIONAL: The path to the file containing certificate authority
certificates to use in verifying a presented server certificate.
|
com.google.protobuf.ByteString |
getCaCertificatesBytes()
OPTIONAL: The path to the file containing certificate authority
certificates to use in verifying a presented server certificate.
|
String |
getClientCertificate()
REQUIRED if mode is `MUTUAL`.
|
com.google.protobuf.ByteString |
getClientCertificateBytes()
REQUIRED if mode is `MUTUAL`.
|
String |
getCredentialName()
The name of the secret that holds the TLS certs for the
client including the CA certificates.
|
com.google.protobuf.ByteString |
getCredentialNameBytes()
The name of the secret that holds the TLS certs for the
client including the CA certificates.
|
DestinationRuleOuterClass.ClientTLSSettings.TLSmode |
getMode()
Indicates whether connections to this port should be secured
using TLS.
|
int |
getModeValue()
Indicates whether connections to this port should be secured
using TLS.
|
String |
getPrivateKey()
REQUIRED if mode is `MUTUAL`.
|
com.google.protobuf.ByteString |
getPrivateKeyBytes()
REQUIRED if mode is `MUTUAL`.
|
String |
getSni()
SNI string to present to the server during TLS handshake.
|
com.google.protobuf.ByteString |
getSniBytes()
SNI string to present to the server during TLS handshake.
|
String |
getSubjectAltNames(int index)
A list of alternate names to verify the subject identity in the
certificate.
|
com.google.protobuf.ByteString |
getSubjectAltNamesBytes(int index)
A list of alternate names to verify the subject identity in the
certificate.
|
int |
getSubjectAltNamesCount()
A list of alternate names to verify the subject identity in the
certificate.
|
List<String> |
getSubjectAltNamesList()
A list of alternate names to verify the subject identity in the
certificate.
|
int getModeValue()
Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced.
.istio.networking.v1alpha3.ClientTLSSettings.TLSmode mode = 1 [(.google.api.field_behavior) = REQUIRED];DestinationRuleOuterClass.ClientTLSSettings.TLSmode getMode()
Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced.
.istio.networking.v1alpha3.ClientTLSSettings.TLSmode mode = 1 [(.google.api.field_behavior) = REQUIRED];String getClientCertificate()
REQUIRED if mode is `MUTUAL`. The path to the file holding the client-side TLS certificate to use. Should be empty if mode is `ISTIO_MUTUAL`.
string client_certificate = 2;com.google.protobuf.ByteString getClientCertificateBytes()
REQUIRED if mode is `MUTUAL`. The path to the file holding the client-side TLS certificate to use. Should be empty if mode is `ISTIO_MUTUAL`.
string client_certificate = 2;String getPrivateKey()
REQUIRED if mode is `MUTUAL`. The path to the file holding the client's private key. Should be empty if mode is `ISTIO_MUTUAL`.
string private_key = 3;com.google.protobuf.ByteString getPrivateKeyBytes()
REQUIRED if mode is `MUTUAL`. The path to the file holding the client's private key. Should be empty if mode is `ISTIO_MUTUAL`.
string private_key = 3;String getCaCertificates()
OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. If omitted, the proxy will not verify the server's certificate. Should be empty if mode is `ISTIO_MUTUAL`.
string ca_certificates = 4;com.google.protobuf.ByteString getCaCertificatesBytes()
OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. If omitted, the proxy will not verify the server's certificate. Should be empty if mode is `ISTIO_MUTUAL`.
string ca_certificates = 4;String getCredentialName()
The name of the secret that holds the TLS certs for the client including the CA certificates. Secret must exist in the same namespace with the proxy using the certificates. The secret (of type `generic`)should contain the following keys and values: `key: <privateKey>`, `cert: <serverCert>`, `cacert: <CACertificate>`. Secret of type tls for client certificates along with ca.crt key for CA certificates is also supported. Only one of client certificates and CA certificate or credentialName can be specified. **NOTE:** This field is currently applicable only at gateways. Sidecars will continue to use the certificate paths.
string credential_name = 7;com.google.protobuf.ByteString getCredentialNameBytes()
The name of the secret that holds the TLS certs for the client including the CA certificates. Secret must exist in the same namespace with the proxy using the certificates. The secret (of type `generic`)should contain the following keys and values: `key: <privateKey>`, `cert: <serverCert>`, `cacert: <CACertificate>`. Secret of type tls for client certificates along with ca.crt key for CA certificates is also supported. Only one of client certificates and CA certificate or credentialName can be specified. **NOTE:** This field is currently applicable only at gateways. Sidecars will continue to use the certificate paths.
string credential_name = 7;List<String> getSubjectAltNamesList()
A list of alternate names to verify the subject identity in the certificate. If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. If specified, this list overrides the value of subject_alt_names from the ServiceEntry.
repeated string subject_alt_names = 5;int getSubjectAltNamesCount()
A list of alternate names to verify the subject identity in the certificate. If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. If specified, this list overrides the value of subject_alt_names from the ServiceEntry.
repeated string subject_alt_names = 5;String getSubjectAltNames(int index)
A list of alternate names to verify the subject identity in the certificate. If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. If specified, this list overrides the value of subject_alt_names from the ServiceEntry.
repeated string subject_alt_names = 5;index - The index of the element to return.com.google.protobuf.ByteString getSubjectAltNamesBytes(int index)
A list of alternate names to verify the subject identity in the certificate. If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. If specified, this list overrides the value of subject_alt_names from the ServiceEntry.
repeated string subject_alt_names = 5;index - The index of the value to return.String getSni()
SNI string to present to the server during TLS handshake.
string sni = 6;com.google.protobuf.ByteString getSniBytes()
SNI string to present to the server during TLS handshake.
string sni = 6;Copyright © 2018–2023 Alibaba Group. All rights reserved.