- Sort Score
- Result 10 results
- Languages All
Results 51 - 60 of 1,177 for xtls (0.18 sec)
-
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-and-disable-port-mtls-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-and-disable-mtls spec: selector: matchLabels: app: a mtls: mode: STRICT portLevelMtls: 9090:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 225 bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-unset-port-mtls-strict.yaml
action: DENY groups: - rules: - matches: - destinationPorts: - 8080 notPrincipals: - presence: {} name: converted_peer_authentication_strict-mtls
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 195 bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-and-permissive-port-mtls.yaml
action: DENY groups: - rules: - matches: - notPrincipals: - presence: {} - matches: - notDestinationPorts: - 9090 name: converted_peer_authentication_strict-and-permissive-mtls
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 226 bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-permissive-port-mtls-strict.yaml
action: DENY groups: - rules: - matches: - destinationPorts: - 9090 notPrincipals: - presence: {} name: converted_peer_authentication_permissive-strict-mtls
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 206 bytes - Viewed (0) -
tests/integration/security/testdata/authz/plaintext.yaml.tmpl
# This configures all services within the namespace to use mTLS with permissive mode (allowing plaintext). apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: ns-default namespace: {{ .To.NamespaceName }} spec: mtls: mode: PERMISSIVE --- # This configures requests to any service in the namespace to use mTLS. apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 08 07:03:01 UTC 2023 - 1.3K bytes - Viewed (0) -
architecture/ambient/peer-authentication.md
the effective policy is `PERMISSIVE` (the default), the ztunnel will open a vanilla TLS HBONE tunnel (NOTE: this is not mTLS) to the Waypoint proxy and forward the traffic over that connection without presenting a client certificate. Therefore, it is absolutely critical that the waypoint proxy not assume any identity from incoming connections, even if the ztunnel is hairpinning. In other words, all traffic over TLS HBONE tunnels must be considered to be untrusted. From there, traffic is returned to...
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 09 22:09:18 UTC 2023 - 3.9K bytes - Viewed (0) -
pilot/pkg/xds/endpoints/ep_filters_test.go
Mtls: &security.PeerAuthentication_MutualTLS{Mode: security.PeerAuthentication_MutualTLS_STRICT}, }, }, IsMtlsDisabled: false, }, "mtls-off-global": { Config: config.Config{ Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication, Name: "mtls-off", Namespace: "istio-system", }, Spec: &security.PeerAuthentication{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 26.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-and-permissive-port-mtls-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-and-permissive-mtls spec: selector: matchLabels: app: a mtls: mode: STRICT portLevelMtls: 9090:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 231 bytes - Viewed (0) -
pilot/pkg/config/kube/gateway/testdata/reference-policy-tls.yaml.golden
namespace: istio-system spec: servers: - hosts: - cert/cert1.domain.example port: name: default number: 443 protocol: HTTPS tls: credentialName: kubernetes-gateway://cert/cert mode: SIMPLE --- apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: annotations: internal.istio.io/parents: HTTPRoute/http.cert
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Dec 11 20:21:53 UTC 2023 - 1.1K bytes - Viewed (0) -
pilot/pkg/networking/core/sidecar_simulation_test.go
{Port: port, Protocol: simulation.HTTP, TLS: simulation.Plaintext, HostHeader: "foo"}, {Port: port, Protocol: simulation.HTTP, TLS: simulation.TLS, HostHeader: "foo"}, {Port: port, Protocol: simulation.HTTP, TLS: simulation.TLS, HostHeader: "foo", Alpn: "http/1.1"}, {Port: port, Protocol: simulation.TCP, TLS: simulation.Plaintext, HostHeader: "foo"}, {Port: port, Protocol: simulation.HTTP2, TLS: simulation.TLS, HostHeader: "foo"}, } {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 84.7K bytes - Viewed (0)