- Sort Score
- Result 10 results
- Languages All
Results 41 - 50 of 226 for mTLS (0.04 sec)
-
pilot/pkg/model/authentication_test.go
GroupVersionKind: gvk.PeerAuthentication, CreationTimestamp: baseTimestamp, Name: "default", Namespace: "foo", }, Spec: &securityBeta.PeerAuthentication{ Mtls: &securityBeta.PeerAuthentication_MutualTLS{ Mode: securityBeta.PeerAuthentication_MutualTLS_STRICT, }, }, }, { Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 45.1K bytes - Viewed (0) -
tests/integration/security/ca_custom_root/trust_domain_validation_test.go
) const ( httpPlaintext = "http-plaintext" httpMTLS = "http-mtls" tcpPlaintext = "tcp-plaintext" tcpMTLS = "tcp-mtls" tcpWL = "tcp-wl" passThrough = "tcp-mtls-pass-through" // policy to enable mTLS in client and server: // ports with plaintext: 8090 (http) and 8092 (tcp) // ports with mTLS: 8091 (http), 8093 (tcp) and 9000 (tcp passthrough). policy = `
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 5.9K bytes - Viewed (0) -
tests/integration/security/ca_custom_root/trust_domain_alias_secure_naming_test.go
kind: PeerAuthentication metadata: name: "mtls" spec: mtls: mode: STRICT --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: "server-naked" spec: host: "*.local" trafficPolicy: tls: mode: ISTIO_MUTUAL ` ) // TestTrustDomainAliasSecureNaming scope:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 3.7K bytes - Viewed (0) -
pilot/pkg/security/authn/policy_applier_test.go
}), }, }, }, { name: "beta-mtls", peerIn: []*config.Config{ { Spec: &v1beta1.PeerAuthentication{ Mtls: &v1beta1.PeerAuthentication_MutualTLS{ Mode: v1beta1.PeerAuthentication_MutualTLS_STRICT, }, }, }, }, expected: nil, }, { name: "beta-mtls-disable", peerIn: []*config.Config{ {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 01 07:32:22 UTC 2023 - 60.2K bytes - Viewed (0) -
pilot/pkg/xds/endpoints/ep_filters.go
} } // EndpointsWithMTLSFilter removes all endpoints that do not handle mTLS. This is determined by looking at // auto-mTLS, DestinationRule, and PeerAuthentication to determine if we would send mTLS to these endpoints. // Note there is no guarantee these destinations *actually* handle mTLS; just that we are configured to send mTLS to them.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 9.1K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-permissive-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: permissive-mtls spec: mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 132 bytes - Viewed (0) -
internal/logger/help.go
Sensitive: true, Secret: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for webhook authentication", Optional: true, Type: "string", Sensitive: true, },
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Mar 07 20:17:46 UTC 2024 - 6.4K bytes - Viewed (0) -
architecture/security/istio-agent.md
1. The `caClient` will be configured to use either JWT or mTLS authentication. For JWT authentication, gRPC's `PerRPCCredentials` is configured with a `TokenProvider` which handles the logic of adding the proper JWT to each request. mTLS is configured by a tls.Config that points to files on disk. It should be noted there is a circular dependency with mTLS authentication; in order to fetch a certificate we need
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Aug 22 16:45:50 UTC 2023 - 7.2K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-mtls spec: mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 125 bytes - Viewed (0) -
pilot/pkg/security/authn/factory.go
// It may return nil, if no authentication is needed. AuthNFilter(forSidecar bool) *hcm.HttpFilter // PortLevelSetting returns port level mTLS settings. PortLevelSetting() map[uint32]model.MutualTLSMode MtlsPolicy } type MtlsPolicy interface { // GetMutualTLSModeForPort gets the mTLS mode for the given port. If there is no port level setting, it // returns the inherited namespace/mesh level setting.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 3K bytes - Viewed (0)