- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 22 for ca (0.23 sec)
-
istioctl/pkg/tag/generate_test.go
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Tue Jan 16 17:43:49 GMT 2024 - 12.1K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/values.yaml
# When a CSR is sent from Istio Agent to the CA (e.g. Istiod), this aud is to make sure the # JWT is intended for the CA. token: aud: istio-ca sts: # The service port used by Security Token Service (STS) server to handle token exchange requests. # Setting this port to a non-zero value enables STS server. servicePort: 0 # The name of the CA for workload certificates.
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Mon Apr 22 22:00:40 GMT 2024 - 20.3K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/waypoint.yaml
- name: istio-token projected: sources: - serviceAccountToken: audience: istio-ca expirationSeconds: 43200 path: istio-token - configMap: name: istio-ca-root-cert name: istiod-ca-cert {{- if .Values.global.imagePullSecrets }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }}
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri May 03 19:29:42 GMT 2024 - 10.1K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/grpc-agent.yaml
path: istio-token expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - name: istio-certs secret:
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri Apr 26 16:51:17 GMT 2024 - 12.1K bytes - Viewed (0) -
manifests/charts/gateways/istio-ingress/templates/deployment.yaml
- emptyDir: {} name: credential-socket - emptyDir: {} name: workload-certs {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} - name: podinfo downwardAPI: items: - path: "labels" fieldRef: fieldPath: metadata.labels
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 18 18:16:49 GMT 2024 - 12.1K bytes - Viewed (1) -
manifests/charts/istio-control/istio-discovery/files/kube-gateway.yaml
expirationSeconds: 43200 audience: {{ .Values.global.sds.token.aud }} {{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if .Values.global.imagePullSecrets }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - name: {{ . }}
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri Apr 19 15:10:43 GMT 2024 - 12.1K bytes - Viewed (0) -
architecture/ambient/ztunnel.md
When fetching certificates, ztunnel will authenticate to the CA with its own identity, but request the identity of another workload. Critically, the CA must enforce that the ztunnel has permission to request that identity. Requests for identities not running on the node are rejected. This is critical to ensure that a compromised node does not compromise the entire mesh.
Plain Text - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Thu Apr 25 22:35:16 GMT 2024 - 16.6K bytes - Viewed (0) -
manifests/charts/istiod-remote/files/injection-template.yaml
{{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if eq .Values.global.pilotCertProvider "kubernetes" }} - name: kube-ca-cert configMap: name: kube-root-ca.crt {{- end }} {{- if .Values.global.mountMtlsCerts }}
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri Apr 26 16:51:17 GMT 2024 - 23.7K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/injection-template.yaml
{{- if eq .Values.global.pilotCertProvider "istiod" }} - name: istiod-ca-cert configMap: name: istio-ca-root-cert {{- end }} {{- if eq .Values.global.pilotCertProvider "kubernetes" }} - name: kube-ca-cert configMap: name: kube-root-ca.crt {{- end }} {{- if .Values.global.mountMtlsCerts }}
Others - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Fri Apr 26 16:51:17 GMT 2024 - 23.7K bytes - Viewed (1) -
istioctl/pkg/workload/workload_test.go
"istio.io/istio/istioctl/pkg/cli" "istio.io/istio/pilot/test/util" "istio.io/istio/pkg/config/constants" "istio.io/istio/pkg/kube" "istio.io/istio/pkg/test/util/assert" ) var fakeCACert = []byte("fake-CA-cert") var ( defaultYAML = `apiVersion: networking.istio.io/v1alpha3 kind: WorkloadGroup metadata: name: foo namespace: bar spec: metadata: {} template: serviceAccount: default `
Go - Registered: Wed May 08 22:53:08 GMT 2024 - Last Modified: Wed Mar 27 16:59:05 GMT 2024 - 14.6K bytes - Viewed (0)