- Sort Score
- Result 10 results
- Languages All
Results 61 - 70 of 347 for mtls (0.21 sec)
-
pilot/pkg/security/authn/policy_applier.go
} } } return outputPolicy } func isMtlsModeUnset(mtls *v1beta1.PeerAuthentication_MutualTLS) bool { return mtls == nil || mtls.Mode == v1beta1.PeerAuthentication_MutualTLS_UNSET
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 23 09:47:21 UTC 2024 - 19.2K bytes - Viewed (0) -
releasenotes/notes/35111.yaml
apiVersion: release-notes/v2 kind: feature area: security issue: - https://github.com/istio/istio/issues/35111 releaseNotes: - | **Added** TLS settings to the sidecar API in order to enable TLS/mTLS termination on the sidecar proxy for requests coming from outside the mesh. docs: - https://docs.google.com/document/d/15Qhr7errbylXEzxxCK7ij_oUpn4E5SFU2uDdl_n2GIc/edit#heading=h.h3lxcxfhqndp securityNotes: - |
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jan 14 00:19:57 UTC 2022 - 580 bytes - Viewed (0) -
tests/integration/security/sds_ingress/util/util.go
) const ( // The ID/name for the certificate chain in kubernetes tls secret. tlsScrtCert = "tls.crt" // The ID/name for the k8sKey in kubernetes tls secret. tlsScrtKey = "tls.key" // The ID/name for the CA certificate in kubernetes tls secret tlsScrtCaCert = "ca.crt" // The ID/name for the CRL in kubernetes tls secret tlsScrtCaCrl = "ca.crl"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jul 25 05:12:36 UTC 2023 - 20.2K bytes - Viewed (0) -
pilot/pkg/serviceregistry/serviceentry/conversion_test.go
makeInstance(httpStatic, "2.2.2.2", 18080, httpStatic.Spec.(*networking.ServiceEntry).Ports[1], nil, MTLS), makeInstance(httpStatic, "3.3.3.3", 1080, httpStatic.Spec.(*networking.ServiceEntry).Ports[0], nil, MTLS), makeInstance(httpStatic, "3.3.3.3", 8080, httpStatic.Spec.(*networking.ServiceEntry).Ports[1], nil, MTLS),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 39K bytes - Viewed (0) -
tests/integration/security/egress_gateway_origination_test.go
var ( credNameGeneric = "mtls-credential-generic" credNameNotGeneric = "mtls-credential-not-generic" fakeCredNameA = "fake-mtls-credential-a" credNameMissing = "mtls-credential-not-created" simpleCredName = "tls-credential-simple-cacert" credWithCRL = "mtls-credential-crl" credWithDummyCRL = "mtls-credential-dummy-crl" )
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 15.4K bytes - Viewed (0) -
tests/integration/pilot/grpc_probe_test.go
} ns := namespace.NewOrFail(t, t, namespace.Config{Prefix: "grpc-probe", Inject: true}) // apply strict mtls t.ConfigKube(t.Clusters().Configs()...).YAML(ns.Name(), ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: grpc-probe-mtls spec: mtls: mode: STRICT`).ApplyOrFail(t) for _, testCase := range []struct { name string rewrite bool
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 2.8K bytes - Viewed (0) -
tests/integration/security/mtls_healthcheck_test.go
) { ctx.Helper() wantSuccess := rewrite policyYAML := fmt.Sprintf(`apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: "mtls-strict-for-%v" spec: selector: matchLabels: app: "%v" mtls: mode: STRICT `, name, name) ctx.ConfigIstio().YAML(ns.Name(), policyYAML).ApplyOrFail(ctx) var healthcheck echo.Instance cfg := echo.Config{ Namespace: ns,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 2.9K bytes - Viewed (0) -
manifests/addons/dashboards/istio-service-dashboard.json
"format": "time_series", "intervalFactor": 1, "legendFormat": "{{ source_workload }}.{{ source_workload_namespace }} : {{ response_code }} (🔐mTLS)", "refId": "A", "step": 2 }, { "datasource": { "type": "prometheus", "uid": "${datasource}" },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Mar 27 03:47:04 UTC 2024 - 111.8K bytes - Viewed (0) -
tests/integration/security/ca_custom_root/secure_naming_test.go
// - The certificate issued by CA to the sidecar is as expected and that strict mTLS works as expected. // - The plugin CA certs are correctly used in workload mTLS. // - The CA certificate in the configmap of each namespace is as expected, which // // is used for data plane to control plane TLS authentication. // // - Secure naming information is respected in the mTLS handshake. func TestSecureNaming(t *testing.T) { framework.NewTest(t).
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 7.5K bytes - Viewed (0) -
pilot/pkg/networking/core/sidecar_simulation_test.go
}, Strict: simulation.Result{ // TLS, but not mTLS Error: simulation.ErrMTLSError, }, }, { Name: "mtls to http", Call: simulation.Call{ Port: 80, Protocol: simulation.HTTP, TLS: simulation.MTLS, CallMode: simulation.CallModeInbound, }, Disabled: simulation.Result{ // TLS is not terminated, so we will attempt to decode as HTTP and fail
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 84.7K bytes - Viewed (0)