TlsParametersOrBuilder (api 0.1.28 API)

All Superinterfaces:

com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder

All Known Implementing Classes:

TlsParameters, TlsParameters.Builder
```
public interface TlsParametersOrBuilder
extends com.google.protobuf.MessageOrBuilder
```

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method and Description
`String`	`getCipherSuites(int index)` If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
`com.google.protobuf.ByteString`	`getCipherSuitesBytes(int index)` If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
`int`	`getCipherSuitesCount()` If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
`List<String>`	`getCipherSuitesList()` If specified, the TLS listener will only support the specified `cipher list <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_ when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3).
`String`	`getEcdhCurves(int index)` If specified, the TLS connection will only support the specified ECDH curves.
`com.google.protobuf.ByteString`	`getEcdhCurvesBytes(int index)` If specified, the TLS connection will only support the specified ECDH curves.
`int`	`getEcdhCurvesCount()` If specified, the TLS connection will only support the specified ECDH curves.
`List<String>`	`getEcdhCurvesList()` If specified, the TLS connection will only support the specified ECDH curves.
`TlsParameters.TlsProtocol`	`getTlsMaximumProtocolVersion()` Maximum TLS protocol version.
`int`	`getTlsMaximumProtocolVersionValue()` Maximum TLS protocol version.
`TlsParameters.TlsProtocol`	`getTlsMinimumProtocolVersion()` Minimum TLS protocol version.
`int`	`getTlsMinimumProtocolVersionValue()` Minimum TLS protocol version.

Methods inherited from interface com.google.protobuf.MessageOrBuilder
findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder
isInitialized

Method Detail

getTlsMinimumProtocolVersionValue

int getTlsMinimumProtocolVersionValue()

 Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for
 servers.

.envoy.api.v2.auth.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }

getTlsMinimumProtocolVersion

TlsParameters.TlsProtocol getTlsMinimumProtocolVersion()

 Minimum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_0`` for
 servers.

.envoy.api.v2.auth.TlsParameters.TlsProtocol tls_minimum_protocol_version = 1 [(.validate.rules) = { ... }

getTlsMaximumProtocolVersionValue

int getTlsMaximumProtocolVersionValue()

 Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.

.envoy.api.v2.auth.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }

getTlsMaximumProtocolVersion

TlsParameters.TlsProtocol getTlsMaximumProtocolVersion()

 Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
 servers.

.envoy.api.v2.auth.TlsParameters.TlsProtocol tls_maximum_protocol_version = 2 [(.validate.rules) = { ... }

getCipherSuitesList

List<String> getCipherSuitesList()

 If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not
 specified, the default list will be used.
 In non-FIPS builds, the default cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES128-SHA
   ECDHE-RSA-AES128-SHA
   AES128-GCM-SHA256
   AES128-SHA
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
   ECDHE-ECDSA-AES256-SHA
   ECDHE-RSA-AES256-SHA
   AES256-GCM-SHA384
   AES256-SHA
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES128-SHA
   ECDHE-RSA-AES128-SHA
   AES128-GCM-SHA256
   AES128-SHA
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
   ECDHE-ECDSA-AES256-SHA
   ECDHE-RSA-AES256-SHA
   AES256-GCM-SHA384
   AES256-SHA

repeated string cipher_suites = 3;

getCipherSuitesCount

int getCipherSuitesCount()

 If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not
 specified, the default list will be used.
 In non-FIPS builds, the default cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES128-SHA
   ECDHE-RSA-AES128-SHA
   AES128-GCM-SHA256
   AES128-SHA
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
   ECDHE-ECDSA-AES256-SHA
   ECDHE-RSA-AES256-SHA
   AES256-GCM-SHA384
   AES256-SHA
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES128-SHA
   ECDHE-RSA-AES128-SHA
   AES128-GCM-SHA256
   AES128-SHA
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
   ECDHE-ECDSA-AES256-SHA
   ECDHE-RSA-AES256-SHA
   AES256-GCM-SHA384
   AES256-SHA

repeated string cipher_suites = 3;

getCipherSuites

String getCipherSuites(int index)

 If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not
 specified, the default list will be used.
 In non-FIPS builds, the default cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES128-SHA
   ECDHE-RSA-AES128-SHA
   AES128-GCM-SHA256
   AES128-SHA
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
   ECDHE-ECDSA-AES256-SHA
   ECDHE-RSA-AES256-SHA
   AES256-GCM-SHA384
   AES256-SHA
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES128-SHA
   ECDHE-RSA-AES128-SHA
   AES128-GCM-SHA256
   AES128-SHA
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
   ECDHE-ECDSA-AES256-SHA
   ECDHE-RSA-AES256-SHA
   AES256-GCM-SHA384
   AES256-SHA

repeated string cipher_suites = 3;

getCipherSuitesBytes

com.google.protobuf.ByteString getCipherSuitesBytes(int index)

 If specified, the TLS listener will only support the specified `cipher list
 <https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration>`_
 when negotiating TLS 1.0-1.2 (this setting has no effect when negotiating TLS 1.3). If not
 specified, the default list will be used.
 In non-FIPS builds, the default cipher list is:
 .. code-block:: none
   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
   ECDHE-ECDSA-AES128-SHA
   ECDHE-RSA-AES128-SHA
   AES128-GCM-SHA256
   AES128-SHA
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
   ECDHE-ECDSA-AES256-SHA
   ECDHE-RSA-AES256-SHA
   AES256-GCM-SHA384
   AES256-SHA
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default cipher list is:
 .. code-block:: none
   ECDHE-ECDSA-AES128-GCM-SHA256
   ECDHE-RSA-AES128-GCM-SHA256
   ECDHE-ECDSA-AES128-SHA
   ECDHE-RSA-AES128-SHA
   AES128-GCM-SHA256
   AES128-SHA
   ECDHE-ECDSA-AES256-GCM-SHA384
   ECDHE-RSA-AES256-GCM-SHA384
   ECDHE-ECDSA-AES256-SHA
   ECDHE-RSA-AES256-SHA
   AES256-GCM-SHA384
   AES256-SHA

repeated string cipher_suites = 3;

getEcdhCurvesList

List<String> getEcdhCurvesList()

 If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256

repeated string ecdh_curves = 4;

getEcdhCurvesCount

int getEcdhCurvesCount()

 If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256

repeated string ecdh_curves = 4;

getEcdhCurves

String getEcdhCurves(int index)

 If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256

repeated string ecdh_curves = 4;

getEcdhCurvesBytes

com.google.protobuf.ByteString getEcdhCurvesBytes(int index)

 If specified, the TLS connection will only support the specified ECDH
 curves. If not specified, the default curves will be used.
 In non-FIPS builds, the default curves are:
 .. code-block:: none
   X25519
   P-256
 In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default curve is:
 .. code-block:: none
   P-256

repeated string ecdh_curves = 4;

Interface TlsParametersOrBuilder

Method Summary

Methods inherited from interface com.google.protobuf.MessageOrBuilder

Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder

Method Detail

getTlsMinimumProtocolVersionValue

getTlsMinimumProtocolVersion

getTlsMaximumProtocolVersionValue

getTlsMaximumProtocolVersion

getCipherSuitesList

getCipherSuitesCount

getCipherSuites

getCipherSuitesBytes

getEcdhCurvesList

getEcdhCurvesCount

getEcdhCurves

getEcdhCurvesBytes