- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 49 for mtls (0.1 sec)
-
pilot/pkg/security/authn/policy_applier_test.go
}), }, }, }, { name: "beta-mtls", peerIn: []*config.Config{ { Spec: &v1beta1.PeerAuthentication{ Mtls: &v1beta1.PeerAuthentication_MutualTLS{ Mode: v1beta1.PeerAuthentication_MutualTLS_STRICT, }, }, }, }, expected: nil, }, { name: "beta-mtls-disable", peerIn: []*config.Config{ {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 01 07:32:22 UTC 2023 - 60.2K bytes - Viewed (0) -
pilot/pkg/networking/core/sidecar_simulation_test.go
}, Strict: simulation.Result{ // TLS, but not mTLS Error: simulation.ErrMTLSError, }, }, { Name: "mtls to http", Call: simulation.Call{ Port: 80, Protocol: simulation.HTTP, TLS: simulation.MTLS, CallMode: simulation.CallModeInbound, }, Disabled: simulation.Result{ // TLS is not terminated, so we will attempt to decode as HTTP and fail
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 84.7K bytes - Viewed (0) -
pilot/pkg/serviceregistry/serviceentry/controller_test.go
makeInstance(httpStatic, "2.2.2.2", 18080, httpStatic.Spec.(*networking.ServiceEntry).Ports[1], nil, MTLS), makeInstance(httpStatic, "3.3.3.3", 1080, httpStatic.Spec.(*networking.ServiceEntry).Ports[0], nil, MTLS), makeInstance(httpStatic, "3.3.3.3", 8080, httpStatic.Spec.(*networking.ServiceEntry).Ports[1], nil, MTLS),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 15:31:09 UTC 2024 - 92.9K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/ambientindex_test.go
pol := c.(*clientsecurityv1beta1.PeerAuthentication) pol.Spec.Mtls = &auth.PeerAuthentication_MutualTLS{ Mode: auth.PeerAuthentication_MutualTLS_PERMISSIVE, } }) s.assertEvent(t, xdsConvertedStaticStrict) s.addPolicy(t, "namespace", testNS, nil, gvk.PeerAuthentication, func(c controllers.Object) { pol := c.(*clientsecurityv1beta1.PeerAuthentication) pol.Spec.Mtls = &auth.PeerAuthentication_MutualTLS{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 01:04:50 UTC 2024 - 70.2K bytes - Viewed (0) -
tests/integration/ambient/baseline_test.go
kind: PeerAuthentication metadata: name: global-strict spec: mtls: mode: STRICT `).ApplyOrFail(t) opt = opt.DeepCopy() if !src.Config().HasProxyCapabilities() && dst.Config().HasProxyCapabilities() { // Expect deny if the dest is in the mesh (enforcing mTLS) but src is not (not sending mTLS) opt.Check = CheckDeny } src.CallOrFail(t, opt) })
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 00:07:28 UTC 2024 - 78.4K bytes - Viewed (0) -
tests/integration/security/authz_test.go
toMatch := match.Not(fromMatch) to := toMatch.GetServiceMatches(apps.Ns1.All) fromAndTo := to.Instances().Append(from) config.New(t). Source(config.File("testdata/authz/mtls.yaml.tmpl")). Source(config.File("testdata/authz/allow-principal.yaml.tmpl").WithParams( param.Params{ "Allowed": allowed, })). BuildAll(nil, to). Apply()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 08 23:36:51 UTC 2024 - 50.1K bytes - Viewed (0) -
docs/bucket/notifications/README.md
sasl (on|off) set to 'on' to enable SASL authentication tls (on|off) set to 'on' to enable TLS tls_skip_verify (on|off) trust server TLS without verification, defaults to "on" (verify) client_tls_cert (path) path to client certificate for mTLS auth client_tls_key (path) path to client key for mTLS auth
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Jan 18 07:03:17 UTC 2024 - 84K bytes - Viewed (0) -
pkg/kube/inject/testdata/inputs/enable-core-dump.yaml.5.template.gen.yaml
name: istio-envoy - mountPath: /var/run/secrets/tokens name: istio-token {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - mountPath: /etc/certs/ name: istio-certs readOnly: true {{- end }} - name: istio-podinfo mountPath: /etc/istio/pod
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 03 01:55:05 UTC 2024 - 75.9K bytes - Viewed (0) -
pkg/kube/inject/testdata/inputs/hello-existing-cncf-networks-json.yaml.16.template.gen.yaml
name: istio-envoy - mountPath: /var/run/secrets/tokens name: istio-token {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - mountPath: /etc/certs/ name: istio-certs readOnly: true {{- end }} - name: istio-podinfo mountPath: /etc/istio/pod
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 03 01:55:05 UTC 2024 - 75.9K bytes - Viewed (0) -
pkg/kube/inject/testdata/inputs/hello-image-pull-secret.yaml.11.template.gen.yaml
name: istio-envoy - mountPath: /var/run/secrets/tokens name: istio-token {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - mountPath: /etc/certs/ name: istio-certs readOnly: true {{- end }} - name: istio-podinfo mountPath: /etc/istio/pod
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 03 01:55:05 UTC 2024 - 75.9K bytes - Viewed (0)