Search Options

Results per page
Sort
Preferred Languages
Advance

Results 31 - 40 of 244 for mTLS (0.06 sec)

  2. github.com/istio/istio

    pilot/pkg/credentials/kube/secrets_test.go 

    		{"generic-mtls-split-cacert", "default", "remote", "", "", "generic-mtls-split-ca"},
		// This is present in local and remote, but with a different value. We have the remote.
		{"tls", "default", "remote", "tls-cert-mod", "tls-key", ""},
		{"tls-mtls", "default", "remote", "tls-mtls-cert", "tls-mtls-key", "tls-mtls-ca"},
		{"tls-mtls-split", "default", "remote", "tls-mtls-split-cert", "tls-mtls-split-key", ""},
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Feb 23 19:18:21 UTC 2024
    - 18.4K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/networking/core/filterchain_options.go 

    			return inboundPlainTextTCPFilterChainMatchOptions
		}
	}
}

func (opt FilterChainMatchOptions) ToTransportSocket(mtls authn.MTLSSettings) *tls.DownstreamTlsContext {
	if !opt.TLS {
		return nil
	}
	if opt.Protocol == networking.ListenerProtocolHTTP {
		return mtls.HTTP
	}
	return mtls.TCP
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Mar 28 17:09:02 UTC 2024
    - 8.4K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/networking/core/peer_authentication_simulation_test.go 

    				{
					Name:   "mtls on port 8000",
					Call:   mkCall(8000, simulation.MTLS),
					Result: simulation.Result{ClusterMatched: "inbound|8000||"},
				},
				{
					Name:   "plaintext port 9000",
					Call:   mkCall(9000, simulation.Plaintext),
					Result: simulation.Result{ClusterMatched: "InboundPassthroughCluster"},
				},
				{
					Name:   "mtls port 9000",
					Call:   mkCall(9000, simulation.MTLS),
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 01:56:28 UTC 2024
    - 16.2K bytes
    - Viewed (0)
  5. github.com/istio/istio

    tests/integration/security/testdata/authz/plaintext.yaml.tmpl 

    # This configures all services within the namespace to use mTLS with permissive mode (allowing plaintext).

apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: ns-default
  namespace: {{ .To.NamespaceName }}
spec:
  mtls:
    mode: PERMISSIVE

---
# This configures requests to any service in the namespace to use mTLS.

apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 1.3K bytes
    - Viewed (0)
  6. github.com/istio/istio

    pilot/pkg/xds/sds_test.go 

    		Cert   string
		CaCert string
		CaCrl  string
	}
	allResources := []string{
		"kubernetes://generic", "kubernetes://generic-mtls", "kubernetes://generic-mtls-cacert",
		"kubernetes://generic-mtls-split", "kubernetes://generic-mtls-split-cacert", "kubernetes://generic-mtls-crl",
		"kubernetes://generic-mtls-crl-cacert",
	}
	cases := []struct {
		name                 string
		proxy                *model.Proxy
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 13 20:55:20 UTC 2024
    - 17.7K bytes
    - Viewed (0)
  7. github.com/istio/istio

    tests/integration/security/sds_ingress/ingress_test.go 

    }

// TestSingleMTLSGateway_ServerKeyCertRotation tests a single mTLS ingress gateway with SDS enabled.
// Verifies behavior in these scenarios.
// (1) create two kubernetes secrets to provision server key/cert and client CA cert, and
// verify that mTLS connection could establish to deliver HTTPS request.
// (2) replace kubernetes secret to rotate server key/cert, and verify that mTLS connection could
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 08 22:02:59 UTC 2024
    - 32.7K bytes
    - Viewed (0)
  8. github.com/istio/istio

    tests/integration/ambient/testdata/global-plaintext.yaml 

    # mTLS is disabled without destination rule.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: "default"
  annotations:
    test-suite: "beta-mtls-off"
spec:
  mtls:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 16 18:55:23 UTC 2023
    - 215 bytes
    - Viewed (0)
  9. github.com/istio/istio

    pilot/pkg/xds/endpoints/ep_filters_test.go 

    					Mtls: &security.PeerAuthentication_MutualTLS{Mode: security.PeerAuthentication_MutualTLS_STRICT},
				},
			},
			IsMtlsDisabled: false,
		},
		"mtls-off-global": {
			Config: config.Config{
				Meta: config.Meta{
					GroupVersionKind: gvk.PeerAuthentication,
					Name:             "mtls-off",
					Namespace:        "istio-system",
				},
				Spec: &security.PeerAuthentication{
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed May 29 01:17:58 UTC 2024
    - 26.8K bytes
    - Viewed (0)
  10. github.com/istio/istio

    architecture/ambient/peer-authentication.md 

    # PeerAuthentication Implementation in Ambient
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Aug 09 22:09:18 UTC 2023
    - 3.9K bytes
    - Viewed (0)
  11. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-disable-in.yaml 

    apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: disable-mtls
spec:
  mtls:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - 127 bytes
    - Viewed (0)
Back to top