- Sort Score
- Result 10 results
- Languages All
Results 1 - 6 of 6 for VerifyCertAtClient (3.48 sec)
-
pilot/pkg/networking/core/cluster_tls.go
} } // Set auto_sni if EnableAutoSni feature flag is enabled and if sni field is not explicitly set in DR. // Set auto_san_validation if VerifyCertAtClient feature flag is enabled and if there is no explicit SubjectAltNames specified in DR. func (cb *ClusterBuilder) setAutoSniAndAutoSanValidation(mc *clusterWrapper, tls *networking.ClientTLSSettings) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_test.go
Tls: &networking.ClientTLSSettings{ CaCertificates: "", }, }, verifyCertAtClient: false, expectedCARootPath: "", }, } for _, testCase := range testCases { t.Run(testCase.name, func(t *testing.T) { test.SetForTest(t, &features.VerifyCertAtClient, testCase.verifyCertAtClient) selectTrafficPolicyComponents(testCase.policy)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 108.8K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_builder_test.go
proxyView model.ProxyView destRule *networking.DestinationRule expectedCaCertificateName string enableVerifyCertAtClient bool }{ { name: "VerifyCertAtClient set and destination rule with empty string CaCertificates", cluster: &cluster.Cluster{Name: "foo", ClusterDiscoveryType: &cluster.Cluster_Type{Type: cluster.Cluster_EDS}}, clusterMode: DefaultClusterMode,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 110.4K bytes - Viewed (0) -
pilot/pkg/features/pilot.go
EnableAutoSni = env.Register("ENABLE_AUTO_SNI", true, "If enabled, automatically set SNI when `DestinationRules` do not specify the same").Get() VerifyCertAtClient = env.Register("VERIFY_CERTIFICATE_AT_CLIENT", true, "If enabled, certificates received by the proxy will be verified against the OS CA certificate bundle.").Get()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 13.3K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_traffic_policy.go
outlierDetection := policy.OutlierDetection loadBalancer := policy.LoadBalancer tls := policy.Tls proxyProtocol := policy.ProxyProtocol // Check if CA Certificate should be System CA Certificate if features.VerifyCertAtClient && tls != nil && tls.CaCertificates == "" { tls.CaCertificates = "system" } return connectionPool, outlierDetection, loadBalancer, tls, proxyProtocol }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 23 05:38:57 UTC 2024 - 20K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls_test.go
err: nil, }, }, } for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { test.SetForTest(t, &features.EnableAutoSni, tc.enableAutoSni) test.SetForTest(t, &features.VerifyCertAtClient, tc.enableVerifyCertAtClient) var proxy *model.Proxy if tc.router { proxy = newGatewayProxy() } else { proxy = newSidecarProxy() }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 03:53:05 UTC 2024 - 60.9K bytes - Viewed (0)