Package io.envoyproxy.envoy.api.v2.auth

Interface CommonTlsContextOrBuilder

All Superinterfaces:
com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder
All Known Implementing Classes:
CommonTlsContext, CommonTlsContext.Builder
public interface CommonTlsContextOrBuilder extends com.google.protobuf.MessageOrBuilder

  • Method Details

    • hasTlsParams

      boolean hasTlsParams()
       TLS protocol versions, cipher suites etc.
      .envoy.api.v2.auth.TlsParameters tls_params = 1;
      Returns:
      Whether the tlsParams field is set.

    • getTlsParams

      TlsParameters getTlsParams()
       TLS protocol versions, cipher suites etc.
      .envoy.api.v2.auth.TlsParameters tls_params = 1;
      Returns:
      The tlsParams.

    • getTlsParamsOrBuilder

      TlsParametersOrBuilder getTlsParamsOrBuilder()
       TLS protocol versions, cipher suites etc.
      .envoy.api.v2.auth.TlsParameters tls_params = 1;

    • getTlsCertificatesList

      List<TlsCertificate> getTlsCertificatesList()
       :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.

 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
      repeated .envoy.api.v2.auth.TlsCertificate tls_certificates = 2;

    • getTlsCertificates

      TlsCertificate getTlsCertificates(int index)
       :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.

 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
      repeated .envoy.api.v2.auth.TlsCertificate tls_certificates = 2;

    • getTlsCertificatesCount

      int getTlsCertificatesCount()
       :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.

 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
      repeated .envoy.api.v2.auth.TlsCertificate tls_certificates = 2;

    • getTlsCertificatesOrBuilderList

      List<? extends TlsCertificateOrBuilder> getTlsCertificatesOrBuilderList()
       :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.

 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
      repeated .envoy.api.v2.auth.TlsCertificate tls_certificates = 2;

    • getTlsCertificatesOrBuilder

      TlsCertificateOrBuilder getTlsCertificatesOrBuilder(int index)
       :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.

 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
      repeated .envoy.api.v2.auth.TlsCertificate tls_certificates = 2;

    • getTlsCertificateSdsSecretConfigsList

      List<SdsSecretConfig> getTlsCertificateSdsSecretConfigsList()
       Configs for fetching TLS certificates via SDS API.
      repeated .envoy.api.v2.auth.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }

    • getTlsCertificateSdsSecretConfigs

      SdsSecretConfig getTlsCertificateSdsSecretConfigs(int index)
       Configs for fetching TLS certificates via SDS API.
      repeated .envoy.api.v2.auth.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }

    • getTlsCertificateSdsSecretConfigsCount

      int getTlsCertificateSdsSecretConfigsCount()
       Configs for fetching TLS certificates via SDS API.
      repeated .envoy.api.v2.auth.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }

    • getTlsCertificateSdsSecretConfigsOrBuilderList

      List<? extends SdsSecretConfigOrBuilder> getTlsCertificateSdsSecretConfigsOrBuilderList()
       Configs for fetching TLS certificates via SDS API.
      repeated .envoy.api.v2.auth.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }

    • getTlsCertificateSdsSecretConfigsOrBuilder

      SdsSecretConfigOrBuilder getTlsCertificateSdsSecretConfigsOrBuilder(int index)
       Configs for fetching TLS certificates via SDS API.
      repeated .envoy.api.v2.auth.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }

    • hasValidationContext

      boolean hasValidationContext()
       How to validate peer certificates.
      .envoy.api.v2.auth.CertificateValidationContext validation_context = 3;
      Returns:
      Whether the validationContext field is set.

    • getValidationContext

      CertificateValidationContext getValidationContext()
       How to validate peer certificates.
      .envoy.api.v2.auth.CertificateValidationContext validation_context = 3;
      Returns:
      The validationContext.

    • getValidationContextOrBuilder

      CertificateValidationContextOrBuilder getValidationContextOrBuilder()
       How to validate peer certificates.
      .envoy.api.v2.auth.CertificateValidationContext validation_context = 3;

    • hasValidationContextSdsSecretConfig

      boolean hasValidationContextSdsSecretConfig()
       Config for fetching validation context via SDS API.
      .envoy.api.v2.auth.SdsSecretConfig validation_context_sds_secret_config = 7;
      Returns:
      Whether the validationContextSdsSecretConfig field is set.

    • getValidationContextSdsSecretConfig

      SdsSecretConfig getValidationContextSdsSecretConfig()
       Config for fetching validation context via SDS API.
      .envoy.api.v2.auth.SdsSecretConfig validation_context_sds_secret_config = 7;
      Returns:
      The validationContextSdsSecretConfig.

    • getValidationContextSdsSecretConfigOrBuilder

      SdsSecretConfigOrBuilder getValidationContextSdsSecretConfigOrBuilder()
       Config for fetching validation context via SDS API.
      .envoy.api.v2.auth.SdsSecretConfig validation_context_sds_secret_config = 7;

    • hasCombinedValidationContext

      boolean hasCombinedValidationContext()
       Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
      .envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;
      Returns:
      Whether the combinedValidationContext field is set.

    • getCombinedValidationContext

      CommonTlsContext.CombinedCertificateValidationContext getCombinedValidationContext()
       Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
      .envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;
      Returns:
      The combinedValidationContext.

    • getCombinedValidationContextOrBuilder

      CommonTlsContext.CombinedCertificateValidationContextOrBuilder getCombinedValidationContextOrBuilder()
       Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
      .envoy.api.v2.auth.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;

    • getAlpnProtocolsList

      List<String> getAlpnProtocolsList()
       Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):

 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.

 There is no default for this parameter. If empty, Envoy will not expose ALPN.
      repeated string alpn_protocols = 4;
      Returns:
      A list containing the alpnProtocols.

    • getAlpnProtocolsCount

      int getAlpnProtocolsCount()
       Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):

 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.

 There is no default for this parameter. If empty, Envoy will not expose ALPN.
      repeated string alpn_protocols = 4;
      Returns:
      The count of alpnProtocols.

    • getAlpnProtocols

      String getAlpnProtocols(int index)
       Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):

 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.

 There is no default for this parameter. If empty, Envoy will not expose ALPN.
      repeated string alpn_protocols = 4;
      Parameters:
      index - The index of the element to return.
      Returns:
      The alpnProtocols at the given index.

    • getAlpnProtocolsBytes

      com.google.protobuf.ByteString getAlpnProtocolsBytes(int index)
       Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_api_field_config.filter.network.http_connection_manager.v2.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):

 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.

 There is no default for this parameter. If empty, Envoy will not expose ALPN.
      repeated string alpn_protocols = 4;
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the alpnProtocols at the given index.

    • getValidationContextTypeCase

      CommonTlsContext.ValidationContextTypeCase getValidationContextTypeCase()