public interface DownstreamTlsContextOrBuilder
extends com.google.protobuf.MessageOrBuilder
| Modifier and Type | Method and Description |
|---|---|
CommonTlsContext |
getCommonTlsContext()
Common TLS context settings.
|
CommonTlsContextOrBuilder |
getCommonTlsContextOrBuilder()
Common TLS context settings.
|
boolean |
getDisableStatelessSessionResumption()
Config for controlling stateless TLS session resumption: setting this to true will cause the TLS
server to not issue TLS session tickets for the purposes of stateless TLS session resumption.
|
DownstreamTlsContext.OcspStaplePolicy |
getOcspStaplePolicy()
Config for whether to use certificates if they do not have
an accompanying OCSP response or if the response expires at runtime.
|
int |
getOcspStaplePolicyValue()
Config for whether to use certificates if they do not have
an accompanying OCSP response or if the response expires at runtime.
|
com.google.protobuf.BoolValue |
getRequireClientCertificate()
If specified, Envoy will reject connections without a valid client
certificate.
|
com.google.protobuf.BoolValueOrBuilder |
getRequireClientCertificateOrBuilder()
If specified, Envoy will reject connections without a valid client
certificate.
|
com.google.protobuf.BoolValue |
getRequireSni()
If specified, Envoy will reject connections without a valid and matching SNI.
|
com.google.protobuf.BoolValueOrBuilder |
getRequireSniOrBuilder()
If specified, Envoy will reject connections without a valid and matching SNI.
|
TlsSessionTicketKeys |
getSessionTicketKeys()
TLS session ticket key settings.
|
TlsSessionTicketKeysOrBuilder |
getSessionTicketKeysOrBuilder()
TLS session ticket key settings.
|
SdsSecretConfig |
getSessionTicketKeysSdsSecretConfig()
Config for fetching TLS session ticket keys via SDS API.
|
SdsSecretConfigOrBuilder |
getSessionTicketKeysSdsSecretConfigOrBuilder()
Config for fetching TLS session ticket keys via SDS API.
|
DownstreamTlsContext.SessionTicketKeysTypeCase |
getSessionTicketKeysTypeCase() |
com.google.protobuf.Duration |
getSessionTimeout()
If specified, session_timeout will change maximum lifetime (in seconds) of TLS session
Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2)
<https://tools.ietf.org/html/rfc5077#section-5.6>`
only seconds could be specified (fractional seconds are going to be ignored).
|
com.google.protobuf.DurationOrBuilder |
getSessionTimeoutOrBuilder()
If specified, session_timeout will change maximum lifetime (in seconds) of TLS session
Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2)
<https://tools.ietf.org/html/rfc5077#section-5.6>`
only seconds could be specified (fractional seconds are going to be ignored).
|
boolean |
hasCommonTlsContext()
Common TLS context settings.
|
boolean |
hasRequireClientCertificate()
If specified, Envoy will reject connections without a valid client
certificate.
|
boolean |
hasRequireSni()
If specified, Envoy will reject connections without a valid and matching SNI.
|
boolean |
hasSessionTicketKeys()
TLS session ticket key settings.
|
boolean |
hasSessionTicketKeysSdsSecretConfig()
Config for fetching TLS session ticket keys via SDS API.
|
boolean |
hasSessionTimeout()
If specified, session_timeout will change maximum lifetime (in seconds) of TLS session
Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2)
<https://tools.ietf.org/html/rfc5077#section-5.6>`
only seconds could be specified (fractional seconds are going to be ignored).
|
findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneofboolean hasCommonTlsContext()
Common TLS context settings.
.envoy.extensions.transport_sockets.tls.v4alpha.CommonTlsContext common_tls_context = 1;CommonTlsContext getCommonTlsContext()
Common TLS context settings.
.envoy.extensions.transport_sockets.tls.v4alpha.CommonTlsContext common_tls_context = 1;CommonTlsContextOrBuilder getCommonTlsContextOrBuilder()
Common TLS context settings.
.envoy.extensions.transport_sockets.tls.v4alpha.CommonTlsContext common_tls_context = 1;boolean hasRequireClientCertificate()
If specified, Envoy will reject connections without a valid client certificate.
.google.protobuf.BoolValue require_client_certificate = 2;com.google.protobuf.BoolValue getRequireClientCertificate()
If specified, Envoy will reject connections without a valid client certificate.
.google.protobuf.BoolValue require_client_certificate = 2;com.google.protobuf.BoolValueOrBuilder getRequireClientCertificateOrBuilder()
If specified, Envoy will reject connections without a valid client certificate.
.google.protobuf.BoolValue require_client_certificate = 2;boolean hasRequireSni()
If specified, Envoy will reject connections without a valid and matching SNI. [#not-implemented-hide:]
.google.protobuf.BoolValue require_sni = 3;com.google.protobuf.BoolValue getRequireSni()
If specified, Envoy will reject connections without a valid and matching SNI. [#not-implemented-hide:]
.google.protobuf.BoolValue require_sni = 3;com.google.protobuf.BoolValueOrBuilder getRequireSniOrBuilder()
If specified, Envoy will reject connections without a valid and matching SNI. [#not-implemented-hide:]
.google.protobuf.BoolValue require_sni = 3;boolean hasSessionTicketKeys()
TLS session ticket key settings.
.envoy.extensions.transport_sockets.tls.v4alpha.TlsSessionTicketKeys session_ticket_keys = 4;TlsSessionTicketKeys getSessionTicketKeys()
TLS session ticket key settings.
.envoy.extensions.transport_sockets.tls.v4alpha.TlsSessionTicketKeys session_ticket_keys = 4;TlsSessionTicketKeysOrBuilder getSessionTicketKeysOrBuilder()
TLS session ticket key settings.
.envoy.extensions.transport_sockets.tls.v4alpha.TlsSessionTicketKeys session_ticket_keys = 4;boolean hasSessionTicketKeysSdsSecretConfig()
Config for fetching TLS session ticket keys via SDS API.
.envoy.extensions.transport_sockets.tls.v4alpha.SdsSecretConfig session_ticket_keys_sds_secret_config = 5;SdsSecretConfig getSessionTicketKeysSdsSecretConfig()
Config for fetching TLS session ticket keys via SDS API.
.envoy.extensions.transport_sockets.tls.v4alpha.SdsSecretConfig session_ticket_keys_sds_secret_config = 5;SdsSecretConfigOrBuilder getSessionTicketKeysSdsSecretConfigOrBuilder()
Config for fetching TLS session ticket keys via SDS API.
.envoy.extensions.transport_sockets.tls.v4alpha.SdsSecretConfig session_ticket_keys_sds_secret_config = 5;boolean getDisableStatelessSessionResumption()
Config for controlling stateless TLS session resumption: setting this to true will cause the TLS server to not issue TLS session tickets for the purposes of stateless TLS session resumption. If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using the keys specified through either :ref:`session_ticket_keys <envoy_api_field_extensions.transport_sockets.tls.v4alpha.DownstreamTlsContext.session_ticket_keys>` or :ref:`session_ticket_keys_sds_secret_config <envoy_api_field_extensions.transport_sockets.tls.v4alpha.DownstreamTlsContext.session_ticket_keys_sds_secret_config>`. If this config is set to false and no keys are explicitly configured, the TLS server will issue TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the implication that sessions cannot be resumed across hot restarts or on different hosts.
bool disable_stateless_session_resumption = 7;boolean hasSessionTimeout()
If specified, session_timeout will change maximum lifetime (in seconds) of TLS session Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) <https://tools.ietf.org/html/rfc5077#section-5.6>` only seconds could be specified (fractional seconds are going to be ignored).
.google.protobuf.Duration session_timeout = 6 [(.validate.rules) = { ... }com.google.protobuf.Duration getSessionTimeout()
If specified, session_timeout will change maximum lifetime (in seconds) of TLS session Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) <https://tools.ietf.org/html/rfc5077#section-5.6>` only seconds could be specified (fractional seconds are going to be ignored).
.google.protobuf.Duration session_timeout = 6 [(.validate.rules) = { ... }com.google.protobuf.DurationOrBuilder getSessionTimeoutOrBuilder()
If specified, session_timeout will change maximum lifetime (in seconds) of TLS session Currently this value is used as a hint to `TLS session ticket lifetime (for TLSv1.2) <https://tools.ietf.org/html/rfc5077#section-5.6>` only seconds could be specified (fractional seconds are going to be ignored).
.google.protobuf.Duration session_timeout = 6 [(.validate.rules) = { ... }int getOcspStaplePolicyValue()
Config for whether to use certificates if they do not have an accompanying OCSP response or if the response expires at runtime. Defaults to LENIENT_STAPLING
.envoy.extensions.transport_sockets.tls.v4alpha.DownstreamTlsContext.OcspStaplePolicy ocsp_staple_policy = 8 [(.validate.rules) = { ... }DownstreamTlsContext.OcspStaplePolicy getOcspStaplePolicy()
Config for whether to use certificates if they do not have an accompanying OCSP response or if the response expires at runtime. Defaults to LENIENT_STAPLING
.envoy.extensions.transport_sockets.tls.v4alpha.DownstreamTlsContext.OcspStaplePolicy ocsp_staple_policy = 8 [(.validate.rules) = { ... }DownstreamTlsContext.SessionTicketKeysTypeCase getSessionTicketKeysTypeCase()
Copyright © 2018–2021 The Envoy Project. All rights reserved.