- Sort Score
- Result 10 results
- Languages All
Results 71 - 80 of 271 for mtls (0.04 sec)
-
pilot/pkg/xds/testdata/benchmarks/strict.yaml
name: auto protocol: "" resolution: STATIC endpoints: - address: 1.1.1.1 --- apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Jul 29 02:10:48 UTC 2023 - 594 bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/templates/NOTES.txt
"pilot.ingress" "meshConfig.ingressService, meshConfig.ingressControllerMode, and meshConfig.ingressClass" "global.mtls.enabled" "the PeerAuthentication resource" "global.mtls.auto" "meshConfig.enableAutoMtls" "global.tracer.lightstep.address" "meshConfig.defaultConfig.tracing.lightstep.address"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 20:02:28 UTC 2024 - 4.6K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls.go
Sni: tls.Sni, } cb.setAutoSniAndAutoSanValidation(c, tls) // Use subject alt names specified in service entry if TLS settings does not have subject alt names. if opts.serviceRegistry == provider.External && len(tls.SubjectAltNames) == 0 { tls = tls.DeepCopy() tls.SubjectAltNames = opts.serviceAccounts } if tls.CredentialName != "" {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
releasenotes/notes/50132.yaml
For this to work, it must be configured as a `ClusterIP` Service with redirection enabled. This is colloquially referred to as a "gateway
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 17:09:09 UTC 2024 - 659 bytes - Viewed (0) -
docs/logging/README.md
sasl (on|off) set to 'on' to enable SASL authentication tls (on|off) set to 'on' to enable TLS tls_skip_verify (on|off) trust server TLS without verification, defaults to "on" (verify) client_tls_cert (path) path to client certificate for mTLS auth client_tls_key (path) path to client key for mTLS auth
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu May 09 17:15:03 UTC 2024 - 10.4K bytes - Viewed (0) -
operator/cmd/mesh/testdata/manifest-generate/input/gateways.yaml
ports: ## You can add custom gateway ports - google ILB default quota is 5 ports, - port: 15011 name: grpc-pilot-mtls - port: 8060 targetPort: 8060 name: tcp-citadel-grpc-tls # Port 5353 is forwarded to kube-dns - port: 5353 name: tcp-dns overlays: - kind: Deployment
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 18:16:49 UTC 2024 - 1.5K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/grpcgen_test.go
t.Run("gRPC-svc-tls", func(t *testing.T) { // Replaces: insecure.NewCredentials creds, err := xdscreds.NewServerCredentials(xdscreds.ServerOptions{FallbackCreds: insecure.NewCredentials()}) if err != nil { t.Fatal(err) } grpcOptions := []grpc.ServerOption{ grpc.Creds(creds), } bootstrapB := GRPCBootstrap("echo-rbac-mtls", "test", "127.0.1.1", xdsPort)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 09:04:02 UTC 2024 - 16.9K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/templates/service.yaml
app: istiod istio: pilot release: {{ .Release.Name }} spec: ports: - port: 15010 name: grpc-xds # plaintext protocol: TCP - port: 15012 name: https-dns # mTLS with k8s-signed cert protocol: TCP - port: 443 name: https-webhook # validation and injection targetPort: 15017 protocol: TCP - port: 15014 name: http-monitoring # prometheus stats
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 18:16:49 UTC 2024 - 1.5K bytes - Viewed (0) -
releasenotes/notes/fips.yaml
curves to `P-256`. These restrictions apply on the following data paths: * mTLS communication between Envoy proxies; * regular TLS on the downstream and the upstream of Envoy proxies (e.g. gateway); * Google gRPC side requests from Envoy proxies (e.g. Stackdriver extensions); * Istiod xDS server; * Istiod injection and validation webhook servers.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 23 00:16:21 UTC 2024 - 1.2K bytes - Viewed (0) -
pkg/istio-agent/agent_test.go
} for _, r := range extraRoots { if err := peerCertVerifier.AddMappingFromPEM("cluster.local", r); err != nil { t.Fatal(err) } } return grpc.Creds(credentials.NewTLS(&tls.Config{ Certificates: []tls.Certificate{cert}, ClientAuth: tls.VerifyClientCertIfGiven, ClientCAs: peerCertVerifier.GetGeneralCertPool(), VerifyPeerCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 33.4K bytes - Viewed (0)