TlsCertificate.Builder (api 0.1.28 API)

java.lang.Object
- com.google.protobuf.AbstractMessageLite.Builder
- - com.google.protobuf.AbstractMessage.Builder<BuilderType>
  - - com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>
    - - io.envoyproxy.envoy.extensions.transport_sockets.tls.v4alpha.TlsCertificate.Builder

All Implemented Interfaces:

com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, TlsCertificateOrBuilder, Cloneable

Enclosing class:

TlsCertificate
```
public static final class TlsCertificate.Builder
extends com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>
implements TlsCertificateOrBuilder
```
```
 [#next-free-field: 8]
 
```
Protobuf type envoy.extensions.transport_sockets.tls.v4alpha.TlsCertificate

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`TlsCertificate.Builder`	`addAllSignedCertificateTimestamp(Iterable<? extends DataSource> values)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate.Builder`	`addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)`
`TlsCertificate.Builder`	`addSignedCertificateTimestamp(DataSource.Builder builderForValue)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate.Builder`	`addSignedCertificateTimestamp(DataSource value)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate.Builder`	`addSignedCertificateTimestamp(int index, DataSource.Builder builderForValue)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate.Builder`	`addSignedCertificateTimestamp(int index, DataSource value)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`DataSource.Builder`	`addSignedCertificateTimestampBuilder()` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`DataSource.Builder`	`addSignedCertificateTimestampBuilder(int index)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate`	`build()`
`TlsCertificate`	`buildPartial()`
`TlsCertificate.Builder`	`clear()`
`TlsCertificate.Builder`	`clearCertificateChain()` The TLS certificate chain.
`TlsCertificate.Builder`	`clearField(com.google.protobuf.Descriptors.FieldDescriptor field)`
`TlsCertificate.Builder`	`clearOcspStaple()` The OCSP response to be stapled with this certificate during the handshake.
`TlsCertificate.Builder`	`clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)`
`TlsCertificate.Builder`	`clearPassword()` The password to decrypt the TLS private key.
`TlsCertificate.Builder`	`clearPrivateKey()` The TLS private key.
`TlsCertificate.Builder`	`clearPrivateKeyProvider()` BoringSSL private key method provider.
`TlsCertificate.Builder`	`clearSignedCertificateTimestamp()` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate.Builder`	`clearWatchedDirectory()` If specified, updates of file-based certificate_chain and private_key sources will be triggered by this watch.
`TlsCertificate.Builder`	`clone()`
`DataSource`	`getCertificateChain()` The TLS certificate chain.
`DataSource.Builder`	`getCertificateChainBuilder()` The TLS certificate chain.
`DataSourceOrBuilder`	`getCertificateChainOrBuilder()` The TLS certificate chain.
`TlsCertificate`	`getDefaultInstanceForType()`
`static com.google.protobuf.Descriptors.Descriptor`	`getDescriptor()`
`com.google.protobuf.Descriptors.Descriptor`	`getDescriptorForType()`
`DataSource`	`getOcspStaple()` The OCSP response to be stapled with this certificate during the handshake.
`DataSource.Builder`	`getOcspStapleBuilder()` The OCSP response to be stapled with this certificate during the handshake.
`DataSourceOrBuilder`	`getOcspStapleOrBuilder()` The OCSP response to be stapled with this certificate during the handshake.
`DataSource`	`getPassword()` The password to decrypt the TLS private key.
`DataSource.Builder`	`getPasswordBuilder()` The password to decrypt the TLS private key.
`DataSourceOrBuilder`	`getPasswordOrBuilder()` The password to decrypt the TLS private key.
`DataSource`	`getPrivateKey()` The TLS private key.
`DataSource.Builder`	`getPrivateKeyBuilder()` The TLS private key.
`DataSourceOrBuilder`	`getPrivateKeyOrBuilder()` The TLS private key.
`PrivateKeyProvider`	`getPrivateKeyProvider()` BoringSSL private key method provider.
`PrivateKeyProvider.Builder`	`getPrivateKeyProviderBuilder()` BoringSSL private key method provider.
`PrivateKeyProviderOrBuilder`	`getPrivateKeyProviderOrBuilder()` BoringSSL private key method provider.
`DataSource`	`getSignedCertificateTimestamp(int index)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`DataSource.Builder`	`getSignedCertificateTimestampBuilder(int index)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`List<DataSource.Builder>`	`getSignedCertificateTimestampBuilderList()` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`int`	`getSignedCertificateTimestampCount()` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`List<DataSource>`	`getSignedCertificateTimestampList()` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`DataSourceOrBuilder`	`getSignedCertificateTimestampOrBuilder(int index)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`List<? extends DataSourceOrBuilder>`	`getSignedCertificateTimestampOrBuilderList()` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`WatchedDirectory`	`getWatchedDirectory()` If specified, updates of file-based certificate_chain and private_key sources will be triggered by this watch.
`WatchedDirectory.Builder`	`getWatchedDirectoryBuilder()` If specified, updates of file-based certificate_chain and private_key sources will be triggered by this watch.
`WatchedDirectoryOrBuilder`	`getWatchedDirectoryOrBuilder()` If specified, updates of file-based certificate_chain and private_key sources will be triggered by this watch.
`boolean`	`hasCertificateChain()` The TLS certificate chain.
`boolean`	`hasOcspStaple()` The OCSP response to be stapled with this certificate during the handshake.
`boolean`	`hasPassword()` The password to decrypt the TLS private key.
`boolean`	`hasPrivateKey()` The TLS private key.
`boolean`	`hasPrivateKeyProvider()` BoringSSL private key method provider.
`boolean`	`hasWatchedDirectory()` If specified, updates of file-based certificate_chain and private_key sources will be triggered by this watch.
`protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable`	`internalGetFieldAccessorTable()`
`boolean`	`isInitialized()`
`TlsCertificate.Builder`	`mergeCertificateChain(DataSource value)` The TLS certificate chain.
`TlsCertificate.Builder`	`mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)`
`TlsCertificate.Builder`	`mergeFrom(com.google.protobuf.Message other)`
`TlsCertificate.Builder`	`mergeFrom(TlsCertificate other)`
`TlsCertificate.Builder`	`mergeOcspStaple(DataSource value)` The OCSP response to be stapled with this certificate during the handshake.
`TlsCertificate.Builder`	`mergePassword(DataSource value)` The password to decrypt the TLS private key.
`TlsCertificate.Builder`	`mergePrivateKey(DataSource value)` The TLS private key.
`TlsCertificate.Builder`	`mergePrivateKeyProvider(PrivateKeyProvider value)` BoringSSL private key method provider.
`TlsCertificate.Builder`	`mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)`
`TlsCertificate.Builder`	`mergeWatchedDirectory(WatchedDirectory value)` If specified, updates of file-based certificate_chain and private_key sources will be triggered by this watch.
`TlsCertificate.Builder`	`removeSignedCertificateTimestamp(int index)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate.Builder`	`setCertificateChain(DataSource.Builder builderForValue)` The TLS certificate chain.
`TlsCertificate.Builder`	`setCertificateChain(DataSource value)` The TLS certificate chain.
`TlsCertificate.Builder`	`setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)`
`TlsCertificate.Builder`	`setOcspStaple(DataSource.Builder builderForValue)` The OCSP response to be stapled with this certificate during the handshake.
`TlsCertificate.Builder`	`setOcspStaple(DataSource value)` The OCSP response to be stapled with this certificate during the handshake.
`TlsCertificate.Builder`	`setPassword(DataSource.Builder builderForValue)` The password to decrypt the TLS private key.
`TlsCertificate.Builder`	`setPassword(DataSource value)` The password to decrypt the TLS private key.
`TlsCertificate.Builder`	`setPrivateKey(DataSource.Builder builderForValue)` The TLS private key.
`TlsCertificate.Builder`	`setPrivateKey(DataSource value)` The TLS private key.
`TlsCertificate.Builder`	`setPrivateKeyProvider(PrivateKeyProvider.Builder builderForValue)` BoringSSL private key method provider.
`TlsCertificate.Builder`	`setPrivateKeyProvider(PrivateKeyProvider value)` BoringSSL private key method provider.
`TlsCertificate.Builder`	`setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)`
`TlsCertificate.Builder`	`setSignedCertificateTimestamp(int index, DataSource.Builder builderForValue)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate.Builder`	`setSignedCertificateTimestamp(int index, DataSource value)` [#not-implemented-hide:] `repeated .envoy.config.core.v4alpha.DataSource signed_certificate_timestamp = 5;`
`TlsCertificate.Builder`	`setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)`
`TlsCertificate.Builder`	`setWatchedDirectory(WatchedDirectory.Builder builderForValue)` If specified, updates of file-based certificate_chain and private_key sources will be triggered by this watch.
`TlsCertificate.Builder`	`setWatchedDirectory(WatchedDirectory value)` If specified, updates of file-based certificate_chain and private_key sources will be triggered by this watch.

Methods inherited from class com.google.protobuf.GeneratedMessageV3.Builder
getAllFields, getField, getFieldBuilder, getOneofFieldDescriptor, getParentForChildren, getRepeatedField, getRepeatedFieldBuilder, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMutableMapField, isClean, markClean, newBuilderForField, onBuilt, onChanged, setUnknownFieldsProto3

Methods inherited from class com.google.protobuf.AbstractMessage.Builder
findInitializationErrors, getInitializationErrorString, internalMergeFrom, mergeDelimitedFrom, mergeDelimitedFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, newUninitializedMessageException, toString

Methods inherited from class com.google.protobuf.AbstractMessageLite.Builder
addAll, addAll, mergeFrom, newUninitializedMessageException

Methods inherited from class java.lang.Object
equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.google.protobuf.MessageOrBuilder
findInitializationErrors, getAllFields, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

Methods inherited from interface com.google.protobuf.MessageLite.Builder
mergeFrom

Method Detail

getDescriptor

public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

internalGetFieldAccessorTable
```
protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
```
Specified by:

internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

clear
```
public TlsCertificate.Builder clear()
```
Specified by:

clear in interface com.google.protobuf.Message.Builder

Specified by:

clear in interface com.google.protobuf.MessageLite.Builder

Overrides:

clear in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

getDescriptorForType
```
public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
```
Specified by:

getDescriptorForType in interface com.google.protobuf.Message.Builder

Specified by:

getDescriptorForType in interface com.google.protobuf.MessageOrBuilder

Overrides:

getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

getDefaultInstanceForType
```
public TlsCertificate getDefaultInstanceForType()
```
Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder

Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

build
```
public TlsCertificate build()
```
Specified by:

build in interface com.google.protobuf.Message.Builder

Specified by:

build in interface com.google.protobuf.MessageLite.Builder

buildPartial
```
public TlsCertificate buildPartial()
```
Specified by:

buildPartial in interface com.google.protobuf.Message.Builder

Specified by:

buildPartial in interface com.google.protobuf.MessageLite.Builder

clone
```
public TlsCertificate.Builder clone()
```
Specified by:

clone in interface com.google.protobuf.Message.Builder

Specified by:

clone in interface com.google.protobuf.MessageLite.Builder

Overrides:

clone in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

setField

public TlsCertificate.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                       Object value)

Specified by:: setField in interface com.google.protobuf.Message.Builder
Overrides:: setField in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

clearField
```
public TlsCertificate.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
```
Specified by:

clearField in interface com.google.protobuf.Message.Builder

Overrides:

clearField in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

clearOneof
```
public TlsCertificate.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
```
Specified by:

clearOneof in interface com.google.protobuf.Message.Builder

Overrides:

clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

setRepeatedField

public TlsCertificate.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                               int index,
                                               Object value)

Specified by:: setRepeatedField in interface com.google.protobuf.Message.Builder
Overrides:: setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

addRepeatedField

public TlsCertificate.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                               Object value)

Specified by:: addRepeatedField in interface com.google.protobuf.Message.Builder
Overrides:: addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

mergeFrom
```
public TlsCertificate.Builder mergeFrom(com.google.protobuf.Message other)
```
Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<TlsCertificate.Builder>

mergeFrom

public TlsCertificate.Builder mergeFrom(TlsCertificate other)

isInitialized
```
public final boolean isInitialized()
```
Specified by:

isInitialized in interface com.google.protobuf.MessageLiteOrBuilder

Overrides:

isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<TlsCertificate.Builder>

mergeFrom
```
public TlsCertificate.Builder mergeFrom(com.google.protobuf.CodedInputStream input,
                                        com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                 throws IOException
```
Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Specified by:

mergeFrom in interface com.google.protobuf.MessageLite.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<TlsCertificate.Builder>

Throws:

IOException

hasCertificateChain

public boolean hasCertificateChain()

 The TLS certificate chain.
 If *certificate_chain* is a filesystem path, a watch will be added to the
 parent directory for any file moves to support rotation. This currently
 only applies to dynamic secrets, when the *TlsCertificate* is delivered via
 SDS.

.envoy.config.core.v4alpha.DataSource certificate_chain = 1;

Specified by:: hasCertificateChain in interface TlsCertificateOrBuilder

getCertificateChain

public DataSource getCertificateChain()

 The TLS certificate chain.
 If *certificate_chain* is a filesystem path, a watch will be added to the
 parent directory for any file moves to support rotation. This currently
 only applies to dynamic secrets, when the *TlsCertificate* is delivered via
 SDS.

.envoy.config.core.v4alpha.DataSource certificate_chain = 1;

Specified by:: getCertificateChain in interface TlsCertificateOrBuilder

setCertificateChain

public TlsCertificate.Builder setCertificateChain(DataSource value)

 The TLS certificate chain.
 If *certificate_chain* is a filesystem path, a watch will be added to the
 parent directory for any file moves to support rotation. This currently
 only applies to dynamic secrets, when the *TlsCertificate* is delivered via
 SDS.

.envoy.config.core.v4alpha.DataSource certificate_chain = 1;

setCertificateChain

public TlsCertificate.Builder setCertificateChain(DataSource.Builder builderForValue)

 The TLS certificate chain.
 If *certificate_chain* is a filesystem path, a watch will be added to the
 parent directory for any file moves to support rotation. This currently
 only applies to dynamic secrets, when the *TlsCertificate* is delivered via
 SDS.

.envoy.config.core.v4alpha.DataSource certificate_chain = 1;

mergeCertificateChain

public TlsCertificate.Builder mergeCertificateChain(DataSource value)

 The TLS certificate chain.
 If *certificate_chain* is a filesystem path, a watch will be added to the
 parent directory for any file moves to support rotation. This currently
 only applies to dynamic secrets, when the *TlsCertificate* is delivered via
 SDS.

.envoy.config.core.v4alpha.DataSource certificate_chain = 1;

clearCertificateChain

public TlsCertificate.Builder clearCertificateChain()

 The TLS certificate chain.
 If *certificate_chain* is a filesystem path, a watch will be added to the
 parent directory for any file moves to support rotation. This currently
 only applies to dynamic secrets, when the *TlsCertificate* is delivered via
 SDS.

.envoy.config.core.v4alpha.DataSource certificate_chain = 1;

getCertificateChainBuilder

public DataSource.Builder getCertificateChainBuilder()

 The TLS certificate chain.
 If *certificate_chain* is a filesystem path, a watch will be added to the
 parent directory for any file moves to support rotation. This currently
 only applies to dynamic secrets, when the *TlsCertificate* is delivered via
 SDS.

.envoy.config.core.v4alpha.DataSource certificate_chain = 1;

getCertificateChainOrBuilder

public DataSourceOrBuilder getCertificateChainOrBuilder()

 The TLS certificate chain.
 If *certificate_chain* is a filesystem path, a watch will be added to the
 parent directory for any file moves to support rotation. This currently
 only applies to dynamic secrets, when the *TlsCertificate* is delivered via
 SDS.

.envoy.config.core.v4alpha.DataSource certificate_chain = 1;

Specified by:: getCertificateChainOrBuilder in interface TlsCertificateOrBuilder

hasPrivateKey

public boolean hasPrivateKey()

 The TLS private key.
 If *private_key* is a filesystem path, a watch will be added to the parent
 directory for any file moves to support rotation. This currently only
 applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.

.envoy.config.core.v4alpha.DataSource private_key = 2 [(.udpa.annotations.sensitive) = true];

Specified by:: hasPrivateKey in interface TlsCertificateOrBuilder

getPrivateKey

public DataSource getPrivateKey()

 The TLS private key.
 If *private_key* is a filesystem path, a watch will be added to the parent
 directory for any file moves to support rotation. This currently only
 applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.

.envoy.config.core.v4alpha.DataSource private_key = 2 [(.udpa.annotations.sensitive) = true];

Specified by:: getPrivateKey in interface TlsCertificateOrBuilder

setPrivateKey

public TlsCertificate.Builder setPrivateKey(DataSource value)

 The TLS private key.
 If *private_key* is a filesystem path, a watch will be added to the parent
 directory for any file moves to support rotation. This currently only
 applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.

.envoy.config.core.v4alpha.DataSource private_key = 2 [(.udpa.annotations.sensitive) = true];

setPrivateKey

public TlsCertificate.Builder setPrivateKey(DataSource.Builder builderForValue)

 The TLS private key.
 If *private_key* is a filesystem path, a watch will be added to the parent
 directory for any file moves to support rotation. This currently only
 applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.

.envoy.config.core.v4alpha.DataSource private_key = 2 [(.udpa.annotations.sensitive) = true];

mergePrivateKey

public TlsCertificate.Builder mergePrivateKey(DataSource value)

 The TLS private key.
 If *private_key* is a filesystem path, a watch will be added to the parent
 directory for any file moves to support rotation. This currently only
 applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.

.envoy.config.core.v4alpha.DataSource private_key = 2 [(.udpa.annotations.sensitive) = true];

clearPrivateKey

public TlsCertificate.Builder clearPrivateKey()

 The TLS private key.
 If *private_key* is a filesystem path, a watch will be added to the parent
 directory for any file moves to support rotation. This currently only
 applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.

.envoy.config.core.v4alpha.DataSource private_key = 2 [(.udpa.annotations.sensitive) = true];

getPrivateKeyBuilder

public DataSource.Builder getPrivateKeyBuilder()

 The TLS private key.
 If *private_key* is a filesystem path, a watch will be added to the parent
 directory for any file moves to support rotation. This currently only
 applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.

.envoy.config.core.v4alpha.DataSource private_key = 2 [(.udpa.annotations.sensitive) = true];

getPrivateKeyOrBuilder

public DataSourceOrBuilder getPrivateKeyOrBuilder()

 The TLS private key.
 If *private_key* is a filesystem path, a watch will be added to the parent
 directory for any file moves to support rotation. This currently only
 applies to dynamic secrets, when the *TlsCertificate* is delivered via SDS.

.envoy.config.core.v4alpha.DataSource private_key = 2 [(.udpa.annotations.sensitive) = true];

Specified by:: getPrivateKeyOrBuilder in interface TlsCertificateOrBuilder

hasWatchedDirectory

public boolean hasWatchedDirectory()

 If specified, updates of file-based *certificate_chain* and *private_key*
 sources will be triggered by this watch. The certificate/key pair will be
 read together and validated for atomic read consistency (i.e. no
 intervening modification occurred between cert/key read, verified by file
 hash comparisons). This allows explicit control over the path watched, by
 default the parent directories of the filesystem paths in
 *certificate_chain* and *private_key* are watched if this field is not
 specified. This only applies when a *TlsCertificate* is delivered by SDS
 with references to filesystem paths. See the :ref:`SDS key rotation
 <sds_key_rotation>` documentation for further details.

.envoy.config.core.v4alpha.WatchedDirectory watched_directory = 7;

Specified by:: hasWatchedDirectory in interface TlsCertificateOrBuilder

getWatchedDirectory

public WatchedDirectory getWatchedDirectory()

 If specified, updates of file-based *certificate_chain* and *private_key*
 sources will be triggered by this watch. The certificate/key pair will be
 read together and validated for atomic read consistency (i.e. no
 intervening modification occurred between cert/key read, verified by file
 hash comparisons). This allows explicit control over the path watched, by
 default the parent directories of the filesystem paths in
 *certificate_chain* and *private_key* are watched if this field is not
 specified. This only applies when a *TlsCertificate* is delivered by SDS
 with references to filesystem paths. See the :ref:`SDS key rotation
 <sds_key_rotation>` documentation for further details.

.envoy.config.core.v4alpha.WatchedDirectory watched_directory = 7;

Specified by:: getWatchedDirectory in interface TlsCertificateOrBuilder

setWatchedDirectory

public TlsCertificate.Builder setWatchedDirectory(WatchedDirectory value)

 If specified, updates of file-based *certificate_chain* and *private_key*
 sources will be triggered by this watch. The certificate/key pair will be
 read together and validated for atomic read consistency (i.e. no
 intervening modification occurred between cert/key read, verified by file
 hash comparisons). This allows explicit control over the path watched, by
 default the parent directories of the filesystem paths in
 *certificate_chain* and *private_key* are watched if this field is not
 specified. This only applies when a *TlsCertificate* is delivered by SDS
 with references to filesystem paths. See the :ref:`SDS key rotation
 <sds_key_rotation>` documentation for further details.

.envoy.config.core.v4alpha.WatchedDirectory watched_directory = 7;

setWatchedDirectory

public TlsCertificate.Builder setWatchedDirectory(WatchedDirectory.Builder builderForValue)

 If specified, updates of file-based *certificate_chain* and *private_key*
 sources will be triggered by this watch. The certificate/key pair will be
 read together and validated for atomic read consistency (i.e. no
 intervening modification occurred between cert/key read, verified by file
 hash comparisons). This allows explicit control over the path watched, by
 default the parent directories of the filesystem paths in
 *certificate_chain* and *private_key* are watched if this field is not
 specified. This only applies when a *TlsCertificate* is delivered by SDS
 with references to filesystem paths. See the :ref:`SDS key rotation
 <sds_key_rotation>` documentation for further details.

.envoy.config.core.v4alpha.WatchedDirectory watched_directory = 7;

mergeWatchedDirectory

public TlsCertificate.Builder mergeWatchedDirectory(WatchedDirectory value)

 If specified, updates of file-based *certificate_chain* and *private_key*
 sources will be triggered by this watch. The certificate/key pair will be
 read together and validated for atomic read consistency (i.e. no
 intervening modification occurred between cert/key read, verified by file
 hash comparisons). This allows explicit control over the path watched, by
 default the parent directories of the filesystem paths in
 *certificate_chain* and *private_key* are watched if this field is not
 specified. This only applies when a *TlsCertificate* is delivered by SDS
 with references to filesystem paths. See the :ref:`SDS key rotation
 <sds_key_rotation>` documentation for further details.

.envoy.config.core.v4alpha.WatchedDirectory watched_directory = 7;

clearWatchedDirectory

public TlsCertificate.Builder clearWatchedDirectory()

 If specified, updates of file-based *certificate_chain* and *private_key*
 sources will be triggered by this watch. The certificate/key pair will be
 read together and validated for atomic read consistency (i.e. no
 intervening modification occurred between cert/key read, verified by file
 hash comparisons). This allows explicit control over the path watched, by
 default the parent directories of the filesystem paths in
 *certificate_chain* and *private_key* are watched if this field is not
 specified. This only applies when a *TlsCertificate* is delivered by SDS
 with references to filesystem paths. See the :ref:`SDS key rotation
 <sds_key_rotation>` documentation for further details.

.envoy.config.core.v4alpha.WatchedDirectory watched_directory = 7;

getWatchedDirectoryBuilder

public WatchedDirectory.Builder getWatchedDirectoryBuilder()

 If specified, updates of file-based *certificate_chain* and *private_key*
 sources will be triggered by this watch. The certificate/key pair will be
 read together and validated for atomic read consistency (i.e. no
 intervening modification occurred between cert/key read, verified by file
 hash comparisons). This allows explicit control over the path watched, by
 default the parent directories of the filesystem paths in
 *certificate_chain* and *private_key* are watched if this field is not
 specified. This only applies when a *TlsCertificate* is delivered by SDS
 with references to filesystem paths. See the :ref:`SDS key rotation
 <sds_key_rotation>` documentation for further details.

.envoy.config.core.v4alpha.WatchedDirectory watched_directory = 7;

getWatchedDirectoryOrBuilder

public WatchedDirectoryOrBuilder getWatchedDirectoryOrBuilder()

 If specified, updates of file-based *certificate_chain* and *private_key*
 sources will be triggered by this watch. The certificate/key pair will be
 read together and validated for atomic read consistency (i.e. no
 intervening modification occurred between cert/key read, verified by file
 hash comparisons). This allows explicit control over the path watched, by
 default the parent directories of the filesystem paths in
 *certificate_chain* and *private_key* are watched if this field is not
 specified. This only applies when a *TlsCertificate* is delivered by SDS
 with references to filesystem paths. See the :ref:`SDS key rotation
 <sds_key_rotation>` documentation for further details.

.envoy.config.core.v4alpha.WatchedDirectory watched_directory = 7;

Specified by:: getWatchedDirectoryOrBuilder in interface TlsCertificateOrBuilder

hasPrivateKeyProvider

public boolean hasPrivateKeyProvider()

 BoringSSL private key method provider. This is an alternative to :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` field. This can't be
 marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` and
 :ref:`private_key_provider
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key_provider>` fields will result in an
 error.

.envoy.extensions.transport_sockets.tls.v4alpha.PrivateKeyProvider private_key_provider = 6;

Specified by:: hasPrivateKeyProvider in interface TlsCertificateOrBuilder

getPrivateKeyProvider

public PrivateKeyProvider getPrivateKeyProvider()

 BoringSSL private key method provider. This is an alternative to :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` field. This can't be
 marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` and
 :ref:`private_key_provider
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key_provider>` fields will result in an
 error.

.envoy.extensions.transport_sockets.tls.v4alpha.PrivateKeyProvider private_key_provider = 6;

Specified by:: getPrivateKeyProvider in interface TlsCertificateOrBuilder

setPrivateKeyProvider

public TlsCertificate.Builder setPrivateKeyProvider(PrivateKeyProvider value)

 BoringSSL private key method provider. This is an alternative to :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` field. This can't be
 marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` and
 :ref:`private_key_provider
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key_provider>` fields will result in an
 error.

.envoy.extensions.transport_sockets.tls.v4alpha.PrivateKeyProvider private_key_provider = 6;

setPrivateKeyProvider

public TlsCertificate.Builder setPrivateKeyProvider(PrivateKeyProvider.Builder builderForValue)

 BoringSSL private key method provider. This is an alternative to :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` field. This can't be
 marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` and
 :ref:`private_key_provider
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key_provider>` fields will result in an
 error.

.envoy.extensions.transport_sockets.tls.v4alpha.PrivateKeyProvider private_key_provider = 6;

mergePrivateKeyProvider

public TlsCertificate.Builder mergePrivateKeyProvider(PrivateKeyProvider value)

 BoringSSL private key method provider. This is an alternative to :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` field. This can't be
 marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` and
 :ref:`private_key_provider
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key_provider>` fields will result in an
 error.

.envoy.extensions.transport_sockets.tls.v4alpha.PrivateKeyProvider private_key_provider = 6;

clearPrivateKeyProvider

public TlsCertificate.Builder clearPrivateKeyProvider()

 BoringSSL private key method provider. This is an alternative to :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` field. This can't be
 marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` and
 :ref:`private_key_provider
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key_provider>` fields will result in an
 error.

.envoy.extensions.transport_sockets.tls.v4alpha.PrivateKeyProvider private_key_provider = 6;

getPrivateKeyProviderBuilder

public PrivateKeyProvider.Builder getPrivateKeyProviderBuilder()

 BoringSSL private key method provider. This is an alternative to :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` field. This can't be
 marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` and
 :ref:`private_key_provider
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key_provider>` fields will result in an
 error.

.envoy.extensions.transport_sockets.tls.v4alpha.PrivateKeyProvider private_key_provider = 6;

getPrivateKeyProviderOrBuilder

public PrivateKeyProviderOrBuilder getPrivateKeyProviderOrBuilder()

 BoringSSL private key method provider. This is an alternative to :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` field. This can't be
 marked as ``oneof`` due to API compatibility reasons. Setting both :ref:`private_key
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key>` and
 :ref:`private_key_provider
 <envoy_api_field_extensions.transport_sockets.tls.v4alpha.TlsCertificate.private_key_provider>` fields will result in an
 error.

.envoy.extensions.transport_sockets.tls.v4alpha.PrivateKeyProvider private_key_provider = 6;

Specified by:: getPrivateKeyProviderOrBuilder in interface TlsCertificateOrBuilder