- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 97 for mtls (0.11 sec)
-
internal/config/notify/help.go
}, config.HelpKV{ Key: target.WebhookClientCert, Description: "client cert for Webhook mTLS auth", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: target.WebhookClientKey, Description: "client cert key for Webhook mTLS auth", Optional: true, Type: "string", Sensitive: true, }, }
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Tue Mar 19 04:37:54 UTC 2024 - 18.8K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls.go
Sni: tls.Sni, } cb.setAutoSniAndAutoSanValidation(c, tls) // Use subject alt names specified in service entry if TLS settings does not have subject alt names. if opts.serviceRegistry == provider.External && len(tls.SubjectAltNames) == 0 { tls = tls.DeepCopy() tls.SubjectAltNames = opts.serviceAccounts } if tls.CredentialName != "" {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
docs/logging/README.md
sasl (on|off) set to 'on' to enable SASL authentication tls (on|off) set to 'on' to enable TLS tls_skip_verify (on|off) trust server TLS without verification, defaults to "on" (verify) client_tls_cert (path) path to client certificate for mTLS auth client_tls_key (path) path to client key for mTLS auth
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu May 09 17:15:03 UTC 2024 - 10.4K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/grpcgen_test.go
t.Run("gRPC-svc-tls", func(t *testing.T) { // Replaces: insecure.NewCredentials creds, err := xdscreds.NewServerCredentials(xdscreds.ServerOptions{FallbackCreds: insecure.NewCredentials()}) if err != nil { t.Fatal(err) } grpcOptions := []grpc.ServerOption{ grpc.Creds(creds), } bootstrapB := GRPCBootstrap("echo-rbac-mtls", "test", "127.0.1.1", xdsPort)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 09:04:02 UTC 2024 - 16.9K bytes - Viewed (0) -
pkg/istio-agent/agent_test.go
} for _, r := range extraRoots { if err := peerCertVerifier.AddMappingFromPEM("cluster.local", r); err != nil { t.Fatal(err) } } return grpc.Creds(credentials.NewTLS(&tls.Config{ Certificates: []tls.Certificate{cert}, ClientAuth: tls.VerifyClientCertIfGiven, ClientCAs: peerCertVerifier.GetGeneralCertPool(), VerifyPeerCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 33.4K bytes - Viewed (0) -
pkg/config/constants/constants.go
// CertChainFilename is mTLS chain file CertChainFilename = "cert-chain.pem" // KeyFilename is mTLS private key KeyFilename = "key.pem" // RootCertFilename is mTLS root cert RootCertFilename = "root-cert.pem" // ConfigPathDir config directory for storing envoy json config files. ConfigPathDir = "./etc/istio/proxy"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 10K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/grpc-agent.yaml
metadata: labels: {{/* security.istio.io/tlsMode: istio must be set by user, if gRPC is using mTLS initialization code. We can't set it automatically. */}}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 26 16:51:17 UTC 2024 - 12.1K bytes - Viewed (0) -
tests/integration/telemetry/api/dashboard_test.go
"$service", ".*", "$srcns", ".*", "$srcwl", ".*", "$namespace", ".*", "$workload", ".*", "$dstsvc", ".*", "$adapter", ".*", "$qrep", "destination", // Just allow all mTLS settings rather than trying to send mtls and plaintext `connection_security_policy="unknown"`, `connection_security_policy=~".*"`, `connection_security_policy="mutual_tls"`, `connection_security_policy=~".*"`,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 20:46:28 UTC 2024 - 11.4K bytes - Viewed (0) -
pilot/pkg/xds/endpoints/endpoint_builder.go
// For the SNI-DNAT clusters, we are using AUTO_PASSTHROUGH gateway. AUTO_PASSTHROUGH is intended // to passthrough mTLS requests. However, at the gateway we do not actually have any way to tell if the // request is a valid mTLS request or not, since its passthrough TLS. // To ensure we allow traffic only to mTLS endpoints, we filter out non-mTLS endpoints for these cluster types. locEps = b.EndpointsWithMTLSFilter(locEps) } return locEps }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Apr 28 02:18:19 UTC 2024 - 26.1K bytes - Viewed (0) -
manifests/charts/gateways/istio-ingress/templates/deployment.yaml
mountPath: /var/run/secrets/tokens readOnly: true {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - name: istio-certs mountPath: /etc/certs readOnly: true {{- end }} - mountPath: /var/lib/istio/data name: istio-data
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 18:16:49 UTC 2024 - 12.1K bytes - Viewed (0)