Package io.envoyproxy.envoy.extensions.transport_sockets.tls.v3

Class CommonTlsContext

  • All Implemented Interfaces:
    com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, CommonTlsContextOrBuilder, Serializable
    public final class CommonTlsContext
extends com.google.protobuf.GeneratedMessageV3
implements CommonTlsContextOrBuilder
     TLS context shared by both client and server TLS contexts.
 [#next-free-field: 16]
    Protobuf type envoy.extensions.transport_sockets.tls.v3.CommonTlsContext
    See Also:
    Serialized Form

    • Field Detail

      • TLS_PARAMS_FIELD_NUMBER

        public static final int TLS_PARAMS_FIELD_NUMBER
        See Also:
        Constant Field Values

      • TLS_CERTIFICATES_FIELD_NUMBER

        public static final int TLS_CERTIFICATES_FIELD_NUMBER
        See Also:
        Constant Field Values

      • TLS_CERTIFICATE_SDS_SECRET_CONFIGS_FIELD_NUMBER

        public static final int TLS_CERTIFICATE_SDS_SECRET_CONFIGS_FIELD_NUMBER
        See Also:
        Constant Field Values

      • TLS_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER

        public static final int TLS_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER
        See Also:
        Constant Field Values

      • TLS_CERTIFICATE_CERTIFICATE_PROVIDER_FIELD_NUMBER

        public static final int TLS_CERTIFICATE_CERTIFICATE_PROVIDER_FIELD_NUMBER
        See Also:
        Constant Field Values

      • TLS_CERTIFICATE_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER

        public static final int TLS_CERTIFICATE_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER
        See Also:
        Constant Field Values

      • VALIDATION_CONTEXT_FIELD_NUMBER

        public static final int VALIDATION_CONTEXT_FIELD_NUMBER
        See Also:
        Constant Field Values

      • VALIDATION_CONTEXT_SDS_SECRET_CONFIG_FIELD_NUMBER

        public static final int VALIDATION_CONTEXT_SDS_SECRET_CONFIG_FIELD_NUMBER
        See Also:
        Constant Field Values

      • COMBINED_VALIDATION_CONTEXT_FIELD_NUMBER

        public static final int COMBINED_VALIDATION_CONTEXT_FIELD_NUMBER
        See Also:
        Constant Field Values

      • VALIDATION_CONTEXT_CERTIFICATE_PROVIDER_FIELD_NUMBER

        public static final int VALIDATION_CONTEXT_CERTIFICATE_PROVIDER_FIELD_NUMBER
        See Also:
        Constant Field Values

      • VALIDATION_CONTEXT_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER

        public static final int VALIDATION_CONTEXT_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER
        See Also:
        Constant Field Values

      • ALPN_PROTOCOLS_FIELD_NUMBER

        public static final int ALPN_PROTOCOLS_FIELD_NUMBER
        See Also:
        Constant Field Values

      • CUSTOM_HANDSHAKER_FIELD_NUMBER

        public static final int CUSTOM_HANDSHAKER_FIELD_NUMBER
        See Also:
        Constant Field Values

    • Method Detail

      • newInstance

        protected Object newInstance​(com.google.protobuf.GeneratedMessageV3.UnusedPrivateParameter unused)
        Overrides:
        newInstance in class com.google.protobuf.GeneratedMessageV3

      • getUnknownFields

        public final com.google.protobuf.UnknownFieldSet getUnknownFields()
        Specified by:
        getUnknownFields in interface com.google.protobuf.MessageOrBuilder
        Overrides:
        getUnknownFields in class com.google.protobuf.GeneratedMessageV3

      • getDescriptor

        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

      • internalGetFieldAccessorTable

        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
        Specified by:
        internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3

      • hasTlsParams

        public boolean hasTlsParams()
         TLS protocol versions, cipher suites etc.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters tls_params = 1;
        Specified by:
        hasTlsParams in interface CommonTlsContextOrBuilder
        Returns:
        Whether the tlsParams field is set.

      • getTlsParams

        public TlsParameters getTlsParams()
         TLS protocol versions, cipher suites etc.
        .envoy.extensions.transport_sockets.tls.v3.TlsParameters tls_params = 1;
        Specified by:
        getTlsParams in interface CommonTlsContextOrBuilder
        Returns:
        The tlsParams.

      • getTlsCertificatesList

        public List<TlsCertificate> getTlsCertificatesList()
         :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.
 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
        Specified by:
        getTlsCertificatesList in interface CommonTlsContextOrBuilder

      • getTlsCertificatesOrBuilderList

        public List<? extends TlsCertificateOrBuilder> getTlsCertificatesOrBuilderList()
         :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.
 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
        Specified by:
        getTlsCertificatesOrBuilderList in interface CommonTlsContextOrBuilder

      • getTlsCertificatesCount

        public int getTlsCertificatesCount()
         :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.
 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
        Specified by:
        getTlsCertificatesCount in interface CommonTlsContextOrBuilder

      • getTlsCertificates

        public TlsCertificate getTlsCertificates​(int index)
         :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.
 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
        Specified by:
        getTlsCertificates in interface CommonTlsContextOrBuilder

      • getTlsCertificatesOrBuilder

        public TlsCertificateOrBuilder getTlsCertificatesOrBuilder​(int index)
         :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates.
 Only a single TLS certificate is supported in client contexts. In server contexts, the first
 RSA certificate is used for clients that only support RSA and the first ECDSA certificate is
 used for clients that support ECDSA.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
        Specified by:
        getTlsCertificatesOrBuilder in interface CommonTlsContextOrBuilder

      • getTlsCertificateSdsSecretConfigsList

        public List<SdsSecretConfig> getTlsCertificateSdsSecretConfigsList()
         Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }
        Specified by:
        getTlsCertificateSdsSecretConfigsList in interface CommonTlsContextOrBuilder

      • getTlsCertificateSdsSecretConfigsOrBuilderList

        public List<? extends SdsSecretConfigOrBuilder> getTlsCertificateSdsSecretConfigsOrBuilderList()
         Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }
        Specified by:
        getTlsCertificateSdsSecretConfigsOrBuilderList in interface CommonTlsContextOrBuilder

      • getTlsCertificateSdsSecretConfigsCount

        public int getTlsCertificateSdsSecretConfigsCount()
         Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }
        Specified by:
        getTlsCertificateSdsSecretConfigsCount in interface CommonTlsContextOrBuilder

      • getTlsCertificateSdsSecretConfigs

        public SdsSecretConfig getTlsCertificateSdsSecretConfigs​(int index)
         Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }
        Specified by:
        getTlsCertificateSdsSecretConfigs in interface CommonTlsContextOrBuilder

      • getTlsCertificateSdsSecretConfigsOrBuilder

        public SdsSecretConfigOrBuilder getTlsCertificateSdsSecretConfigsOrBuilder​(int index)
         Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#next-major-version: These mutually exclusive fields should ideally be in a oneof, but it's
 not legal to put a repeated field in a oneof. In the next major version, we should rework
 this to avoid this problem.]
        repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6 [(.validate.rules) = { ... }
        Specified by:
        getTlsCertificateSdsSecretConfigsOrBuilder in interface CommonTlsContextOrBuilder

      • hasTlsCertificateProviderInstance

        public boolean hasTlsCertificateProviderInstance()
         Certificate provider instance for fetching TLS certs.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance tls_certificate_provider_instance = 14;
        Specified by:
        hasTlsCertificateProviderInstance in interface CommonTlsContextOrBuilder
        Returns:
        Whether the tlsCertificateProviderInstance field is set.

      • getTlsCertificateProviderInstance

        public CertificateProviderPluginInstance getTlsCertificateProviderInstance()
         Certificate provider instance for fetching TLS certs.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance tls_certificate_provider_instance = 14;
        Specified by:
        getTlsCertificateProviderInstance in interface CommonTlsContextOrBuilder
        Returns:
        The tlsCertificateProviderInstance.

      • getTlsCertificateProviderInstanceOrBuilder

        public CertificateProviderPluginInstanceOrBuilder getTlsCertificateProviderInstanceOrBuilder()
         Certificate provider instance for fetching TLS certs.
 Only one of ``tls_certificates``, ``tls_certificate_sds_secret_configs``,
 and ``tls_certificate_provider_instance`` may be used.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance tls_certificate_provider_instance = 14;
        Specified by:
        getTlsCertificateProviderInstanceOrBuilder in interface CommonTlsContextOrBuilder

      • hasTlsCertificateCertificateProvider

        @Deprecated
public boolean hasTlsCertificateCertificateProvider()
        Deprecated.
        envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=266
         Certificate provider for fetching TLS certificates.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider tls_certificate_certificate_provider = 9 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
        Specified by:
        hasTlsCertificateCertificateProvider in interface CommonTlsContextOrBuilder
        Returns:
        Whether the tlsCertificateCertificateProvider field is set.

      • getTlsCertificateCertificateProvider

        @Deprecated
public CommonTlsContext.CertificateProvider getTlsCertificateCertificateProvider()
        Deprecated.
        envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=266
         Certificate provider for fetching TLS certificates.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider tls_certificate_certificate_provider = 9 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
        Specified by:
        getTlsCertificateCertificateProvider in interface CommonTlsContextOrBuilder
        Returns:
        The tlsCertificateCertificateProvider.

      • hasTlsCertificateCertificateProviderInstance

        @Deprecated
public boolean hasTlsCertificateCertificateProviderInstance()
        Deprecated.
        envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider_instance is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=271
         Certificate provider instance for fetching TLS certificates.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance tls_certificate_certificate_provider_instance = 11 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
        Specified by:
        hasTlsCertificateCertificateProviderInstance in interface CommonTlsContextOrBuilder
        Returns:
        Whether the tlsCertificateCertificateProviderInstance field is set.

      • getTlsCertificateCertificateProviderInstance

        @Deprecated
public CommonTlsContext.CertificateProviderInstance getTlsCertificateCertificateProviderInstance()
        Deprecated.
        envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider_instance is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=271
         Certificate provider instance for fetching TLS certificates.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance tls_certificate_certificate_provider_instance = 11 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
        Specified by:
        getTlsCertificateCertificateProviderInstance in interface CommonTlsContextOrBuilder
        Returns:
        The tlsCertificateCertificateProviderInstance.

      • hasValidationContext

        public boolean hasValidationContext()
         How to validate peer certificates.
        .envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext validation_context = 3;
        Specified by:
        hasValidationContext in interface CommonTlsContextOrBuilder
        Returns:
        Whether the validationContext field is set.

      • hasValidationContextSdsSecretConfig

        public boolean hasValidationContextSdsSecretConfig()
         Config for fetching validation context via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
        .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig validation_context_sds_secret_config = 7;
        Specified by:
        hasValidationContextSdsSecretConfig in interface CommonTlsContextOrBuilder
        Returns:
        Whether the validationContextSdsSecretConfig field is set.

      • getValidationContextSdsSecretConfig

        public SdsSecretConfig getValidationContextSdsSecretConfig()
         Config for fetching validation context via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
        .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig validation_context_sds_secret_config = 7;
        Specified by:
        getValidationContextSdsSecretConfig in interface CommonTlsContextOrBuilder
        Returns:
        The validationContextSdsSecretConfig.

      • getValidationContextSdsSecretConfigOrBuilder

        public SdsSecretConfigOrBuilder getValidationContextSdsSecretConfigOrBuilder()
         Config for fetching validation context via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
        .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig validation_context_sds_secret_config = 7;
        Specified by:
        getValidationContextSdsSecretConfigOrBuilder in interface CommonTlsContextOrBuilder

      • hasCombinedValidationContext

        public boolean hasCombinedValidationContext()
         Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;
        Specified by:
        hasCombinedValidationContext in interface CommonTlsContextOrBuilder
        Returns:
        Whether the combinedValidationContext field is set.

      • getCombinedValidationContext

        public CommonTlsContext.CombinedCertificateValidationContext getCombinedValidationContext()
         Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;
        Specified by:
        getCombinedValidationContext in interface CommonTlsContextOrBuilder
        Returns:
        The combinedValidationContext.

      • getCombinedValidationContextOrBuilder

        public CommonTlsContext.CombinedCertificateValidationContextOrBuilder getCombinedValidationContextOrBuilder()
         Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;
        Specified by:
        getCombinedValidationContextOrBuilder in interface CommonTlsContextOrBuilder

      • hasValidationContextCertificateProvider

        @Deprecated
public boolean hasValidationContextCertificateProvider()
        Deprecated.
        envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=293
         Certificate provider for fetching validation context.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider validation_context_certificate_provider = 10 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
        Specified by:
        hasValidationContextCertificateProvider in interface CommonTlsContextOrBuilder
        Returns:
        Whether the validationContextCertificateProvider field is set.

      • getValidationContextCertificateProvider

        @Deprecated
public CommonTlsContext.CertificateProvider getValidationContextCertificateProvider()
        Deprecated.
        envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=293
         Certificate provider for fetching validation context.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider validation_context_certificate_provider = 10 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
        Specified by:
        getValidationContextCertificateProvider in interface CommonTlsContextOrBuilder
        Returns:
        The validationContextCertificateProvider.

      • hasValidationContextCertificateProviderInstance

        @Deprecated
public boolean hasValidationContextCertificateProviderInstance()
        Deprecated.
        envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider_instance is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=298
         Certificate provider instance for fetching validation context.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance validation_context_certificate_provider_instance = 12 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
        Specified by:
        hasValidationContextCertificateProviderInstance in interface CommonTlsContextOrBuilder
        Returns:
        Whether the validationContextCertificateProviderInstance field is set.

      • getValidationContextCertificateProviderInstance

        @Deprecated
public CommonTlsContext.CertificateProviderInstance getValidationContextCertificateProviderInstance()
        Deprecated.
        envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider_instance is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=298
         Certificate provider instance for fetching validation context.
 [#not-implemented-hide:]
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance validation_context_certificate_provider_instance = 12 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
        Specified by:
        getValidationContextCertificateProviderInstance in interface CommonTlsContextOrBuilder
        Returns:
        The validationContextCertificateProviderInstance.

      • getAlpnProtocolsList

        public com.google.protobuf.ProtocolStringList getAlpnProtocolsList()
         Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):
 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.
 There is no default for this parameter. If empty, Envoy will not expose ALPN.
        repeated string alpn_protocols = 4;
        Specified by:
        getAlpnProtocolsList in interface CommonTlsContextOrBuilder
        Returns:
        A list containing the alpnProtocols.

      • getAlpnProtocolsCount

        public int getAlpnProtocolsCount()
         Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):
 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.
 There is no default for this parameter. If empty, Envoy will not expose ALPN.
        repeated string alpn_protocols = 4;
        Specified by:
        getAlpnProtocolsCount in interface CommonTlsContextOrBuilder
        Returns:
        The count of alpnProtocols.

      • getAlpnProtocols

        public String getAlpnProtocols​(int index)
         Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):
 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.
 There is no default for this parameter. If empty, Envoy will not expose ALPN.
        repeated string alpn_protocols = 4;
        Specified by:
        getAlpnProtocols in interface CommonTlsContextOrBuilder
        Parameters:
        index - The index of the element to return.
        Returns:
        The alpnProtocols at the given index.

      • getAlpnProtocolsBytes

        public com.google.protobuf.ByteString getAlpnProtocolsBytes​(int index)
         Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):
 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.
 There is no default for this parameter. If empty, Envoy will not expose ALPN.
        repeated string alpn_protocols = 4;
        Specified by:
        getAlpnProtocolsBytes in interface CommonTlsContextOrBuilder
        Parameters:
        index - The index of the value to return.
        Returns:
        The bytes of the alpnProtocols at the given index.

      • hasCustomHandshaker

        public boolean hasCustomHandshaker()
         Custom TLS handshaker. If empty, defaults to native TLS handshaking
 behavior.
        .envoy.config.core.v3.TypedExtensionConfig custom_handshaker = 13;
        Specified by:
        hasCustomHandshaker in interface CommonTlsContextOrBuilder
        Returns:
        Whether the customHandshaker field is set.

      • getCustomHandshaker

        public TypedExtensionConfig getCustomHandshaker()
         Custom TLS handshaker. If empty, defaults to native TLS handshaking
 behavior.
        .envoy.config.core.v3.TypedExtensionConfig custom_handshaker = 13;
        Specified by:
        getCustomHandshaker in interface CommonTlsContextOrBuilder
        Returns:
        The customHandshaker.

      • hasKeyLog

        public boolean hasKeyLog()
         TLS key log configuration
        .envoy.extensions.transport_sockets.tls.v3.TlsKeyLog key_log = 15;
        Specified by:
        hasKeyLog in interface CommonTlsContextOrBuilder
        Returns:
        Whether the keyLog field is set.

      • getKeyLog

        public TlsKeyLog getKeyLog()
         TLS key log configuration
        .envoy.extensions.transport_sockets.tls.v3.TlsKeyLog key_log = 15;
        Specified by:
        getKeyLog in interface CommonTlsContextOrBuilder
        Returns:
        The keyLog.

      • isInitialized

        public final boolean isInitialized()
        Specified by:
        isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
        Overrides:
        isInitialized in class com.google.protobuf.GeneratedMessageV3

      • writeTo

        public void writeTo​(com.google.protobuf.CodedOutputStream output)
             throws IOException
        Specified by:
        writeTo in interface com.google.protobuf.MessageLite
        Overrides:
        writeTo in class com.google.protobuf.GeneratedMessageV3
        Throws:
        IOException

      • getSerializedSize

        public int getSerializedSize()
        Specified by:
        getSerializedSize in interface com.google.protobuf.MessageLite
        Overrides:
        getSerializedSize in class com.google.protobuf.GeneratedMessageV3

      • equals

        public boolean equals​(Object obj)
        Specified by:
        equals in interface com.google.protobuf.Message
        Overrides:
        equals in class com.google.protobuf.AbstractMessage

      • hashCode

        public int hashCode()
        Specified by:
        hashCode in interface com.google.protobuf.Message
        Overrides:
        hashCode in class com.google.protobuf.AbstractMessage

      • parseFrom

        public static CommonTlsContext parseFrom​(ByteBuffer data)
                                  throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CommonTlsContext parseFrom​(ByteBuffer data,
                                         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                  throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CommonTlsContext parseFrom​(com.google.protobuf.ByteString data)
                                  throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CommonTlsContext parseFrom​(com.google.protobuf.ByteString data,
                                         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                  throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CommonTlsContext parseFrom​(byte[] data)
                                  throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CommonTlsContext parseFrom​(byte[] data,
                                         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                  throws com.google.protobuf.InvalidProtocolBufferException
        Throws:
        com.google.protobuf.InvalidProtocolBufferException

      • parseFrom

        public static CommonTlsContext parseFrom​(com.google.protobuf.CodedInputStream input,
                                         com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                  throws IOException
        Throws:
        IOException

      • newBuilderForType

        public CommonTlsContext.Builder newBuilderForType()
        Specified by:
        newBuilderForType in interface com.google.protobuf.Message
        Specified by:
        newBuilderForType in interface com.google.protobuf.MessageLite

      • toBuilder

        public CommonTlsContext.Builder toBuilder()
        Specified by:
        toBuilder in interface com.google.protobuf.Message
        Specified by:
        toBuilder in interface com.google.protobuf.MessageLite

      • newBuilderForType

        protected CommonTlsContext.Builder newBuilderForType​(com.google.protobuf.GeneratedMessageV3.BuilderParent parent)
        Specified by:
        newBuilderForType in class com.google.protobuf.GeneratedMessageV3

      • getParserForType

        public com.google.protobuf.Parser<CommonTlsContext> getParserForType()
        Specified by:
        getParserForType in interface com.google.protobuf.Message
        Specified by:
        getParserForType in interface com.google.protobuf.MessageLite
        Overrides:
        getParserForType in class com.google.protobuf.GeneratedMessageV3

      • getDefaultInstanceForType

        public CommonTlsContext getDefaultInstanceForType()
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder