- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 106 for mtls (0.04 sec)
-
tests/integration/security/pass_through_filter_chain_test.go
// The request should be denied on port 8085 and 8071. name: "STRICT with DISABLE", config: `apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: {{ .To.ServiceName }}-mtls spec: selector: matchLabels: app: {{ .To.ServiceName }} mtls: mode: STRICT portLevelMtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 11.9K bytes - Viewed (0) -
pilot/pkg/credentials/kube/secrets_test.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 23 19:18:21 UTC 2024 - 18.4K bytes - Viewed (0) -
pilot/pkg/networking/core/peer_authentication_simulation_test.go
{ Name: "mtls on port 8000", Call: mkCall(8000, simulation.MTLS), Result: simulation.Result{ClusterMatched: "inbound|8000||"}, }, { Name: "plaintext port 9000", Call: mkCall(9000, simulation.Plaintext), Result: simulation.Result{ClusterMatched: "InboundPassthroughCluster"}, }, { Name: "mtls port 9000", Call: mkCall(9000, simulation.MTLS),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 16.2K bytes - Viewed (0) -
pilot/pkg/xds/sds_test.go
Cert string CaCert string CaCrl string } allResources := []string{ "kubernetes://generic", "kubernetes://generic-mtls", "kubernetes://generic-mtls-cacert", "kubernetes://generic-mtls-split", "kubernetes://generic-mtls-split-cacert", "kubernetes://generic-mtls-crl", "kubernetes://generic-mtls-crl-cacert", } cases := []struct { name string proxy *model.Proxy
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 13 20:55:20 UTC 2024 - 17.7K bytes - Viewed (0) -
tests/integration/security/sds_ingress/ingress_test.go
} // TestSingleMTLSGateway_ServerKeyCertRotation tests a single mTLS ingress gateway with SDS enabled. // Verifies behavior in these scenarios. // (1) create two kubernetes secrets to provision server key/cert and client CA cert, and // verify that mTLS connection could establish to deliver HTTPS request. // (2) replace kubernetes secret to rotate server key/cert, and verify that mTLS connection could
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 32.7K bytes - Viewed (0) -
pilot/pkg/xds/endpoints/ep_filters_test.go
Mtls: &security.PeerAuthentication_MutualTLS{Mode: security.PeerAuthentication_MutualTLS_STRICT}, }, }, IsMtlsDisabled: false, }, "mtls-off-global": { Config: config.Config{ Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication, Name: "mtls-off", Namespace: "istio-system", }, Spec: &security.PeerAuthentication{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 26.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
}) } return res } func isMtlsModeUnset(mtls *v1beta1.PeerAuthentication_MutualTLS) bool { return mtls == nil || mtls.Mode == v1beta1.PeerAuthentication_MutualTLS_UNSET } func isMtlsModeStrict(mtls *v1beta1.PeerAuthentication_MutualTLS) bool { return mtls != nil && mtls.Mode == v1beta1.PeerAuthentication_MutualTLS_STRICT } func isMtlsModeDisable(mtls *v1beta1.PeerAuthentication_MutualTLS) bool {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
pilot/pkg/model/authentication_test.go
GroupVersionKind: gvk.PeerAuthentication, CreationTimestamp: baseTimestamp, Name: "default", Namespace: "foo", }, Spec: &securityBeta.PeerAuthentication{ Mtls: &securityBeta.PeerAuthentication_MutualTLS{ Mode: securityBeta.PeerAuthentication_MutualTLS_STRICT, }, }, }, { Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 45.1K bytes - Viewed (0) -
tests/integration/security/egress_sidecar_tls_origination_test.go
credWithCRL = "mtls-credential-generic-valid-crl" credWithDummyCRL = "mtls-credential-generic-dummy-crl" ) // Create a valid kubernetes secret to provision key/cert for sidecar. ingressutil.CreateIngressKubeSecretInNamespace(t, credNameGeneric, ingressutil.Mtls, ingressutil.IngressCredential{ Certificate: file.AsStringOrFail(t, path.Join(env.IstioSrc, "tests/testdata/certs/dns/cert-chain.pem")),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 10.4K bytes - Viewed (0) -
pilot/pkg/model/authentication.go
) // MutualTLSMode is the mutual TLS mode specified by authentication policy. type MutualTLSMode int const ( // MTLSUnknown is used to indicate the variable hasn't been initialized correctly (with the authentication policy). MTLSUnknown MutualTLSMode = iota // MTLSDisable if authentication policy disable mTLS. MTLSDisable // MTLSPermissive if authentication policy enable mTLS in permissive mode. MTLSPermissive
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 10.1K bytes - Viewed (0)