- Sort Score
- Result 10 results
- Languages All
Results 31 - 40 of 708 for xtls (0.12 sec)
-
pilot/pkg/xds/endpoints/ep_filters_test.go
Mtls: &security.PeerAuthentication_MutualTLS{Mode: security.PeerAuthentication_MutualTLS_STRICT}, }, }, IsMtlsDisabled: false, }, "mtls-off-global": { Config: config.Config{ Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication, Name: "mtls-off", Namespace: "istio-system", }, Spec: &security.PeerAuthentication{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 26.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-and-permissive-port-mtls-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-and-permissive-mtls spec: selector: matchLabels: app: a mtls: mode: STRICT portLevelMtls: 9090:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 231 bytes - Viewed (0) -
pilot/pkg/networking/core/sidecar_simulation_test.go
{Port: port, Protocol: simulation.HTTP, TLS: simulation.Plaintext, HostHeader: "foo"}, {Port: port, Protocol: simulation.HTTP, TLS: simulation.TLS, HostHeader: "foo"}, {Port: port, Protocol: simulation.HTTP, TLS: simulation.TLS, HostHeader: "foo", Alpn: "http/1.1"}, {Port: port, Protocol: simulation.TCP, TLS: simulation.Plaintext, HostHeader: "foo"}, {Port: port, Protocol: simulation.HTTP2, TLS: simulation.TLS, HostHeader: "foo"}, } {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 84.7K bytes - Viewed (0) -
tests/integration/security/egress_gateway_origination_test.go
var ( credNameGeneric = "mtls-credential-generic" credNameNotGeneric = "mtls-credential-not-generic" fakeCredNameA = "fake-mtls-credential-a" credNameMissing = "mtls-credential-not-created" simpleCredName = "tls-credential-simple-cacert" credWithCRL = "mtls-credential-crl" credWithDummyCRL = "mtls-credential-dummy-crl" )
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 15.4K bytes - Viewed (0) -
tests/integration/security/sds_ingress/quic/ingress_test.go
ingressutil.RunTestMultiQUICGateways(t, inst, ingressutil.TLS, namespace.Future(&echo1NS)) }) }) } // TestMtlsGatewaysWithQUIC deploys multiple mTLS gateways with SDS enabled, and creates kubernetes that store // private key, server certificate and CA certificate for each mTLS gateway. Verifies that client can communicate // by using both QUIC and TCP/mTLS func TestMtlsGatewaysWithQUIC(t *testing.T) { // nolint: staticcheck
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 3.6K bytes - Viewed (0) -
tests/integration/security/egress_sidecar_tls_origination_test.go
credWithCRL = "mtls-credential-generic-valid-crl" credWithDummyCRL = "mtls-credential-generic-dummy-crl" ) // Create a valid kubernetes secret to provision key/cert for sidecar. ingressutil.CreateIngressKubeSecretInNamespace(t, credNameGeneric, ingressutil.Mtls, ingressutil.IngressCredential{ Certificate: file.AsStringOrFail(t, path.Join(env.IstioSrc, "tests/testdata/certs/dns/cert-chain.pem")),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 10.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-and-disable-port-mtls.yaml
action: DENY groups: - rules: - matches: - notPrincipals: - presence: {} - matches: - notDestinationPorts: - 9090 name: converted_peer_authentication_strict-and-disable-mtls
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 223 bytes - Viewed (0) -
pilot/pkg/simulation/traffic.go
} // For simplicity, set SNI automatically for TLS traffic. if c.Sni == "" && (c.TLS == TLS) { c.Sni = c.HostHeader } if c.Path == "" { c.Path = "/" } if c.TLS == "" { c.TLS = Plaintext } if c.Address == "" { // pick a random address, assumption is the test does not care c.Address = "1.3.3.7" } if c.TLS == MTLS && c.Alpn == "" { c.Alpn = protocolToMTLSAlpn(c.Protocol)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 19.4K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls.go
Sni: tls.Sni, } cb.setAutoSniAndAutoSanValidation(c, tls) // Use subject alt names specified in service entry if TLS settings does not have subject alt names. if opts.serviceRegistry == provider.External && len(tls.SubjectAltNames) == 0 { tls = tls.DeepCopy() tls.SubjectAltNames = opts.serviceAccounts } if tls.CredentialName != "" {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
tests/integration/security/ca_custom_root/secure_naming_test.go
// - The certificate issued by CA to the sidecar is as expected and that strict mTLS works as expected. // - The plugin CA certs are correctly used in workload mTLS. // - The CA certificate in the configmap of each namespace is as expected, which // // is used for data plane to control plane TLS authentication. // // - Secure naming information is respected in the mTLS handshake. func TestSecureNaming(t *testing.T) { framework.NewTest(t).
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 7.5K bytes - Viewed (0)