- Sort Score
- Result 10 results
- Languages All
Results 101 - 110 of 1,465 for xtls (0.07 sec)
-
tests/testdata/networking/envoyfilter-without-service/configs.yaml
# Authentication policy to enable mutual TLS for all services (that have sidecar) in the mesh. apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default namespace: istio-config spec: mtls: mode: STRICT --- # Corresponding destination rule to configure client side to use mutual TLS when talking to # any service (host) in the mesh. apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jul 13 16:44:49 UTC 2023 - 1.8K bytes - Viewed (0) -
releasenotes/notes/fips.yaml
curves to `P-256`. These restrictions apply on the following data paths: * mTLS communication between Envoy proxies; * regular TLS on the downstream and the upstream of Envoy proxies (e.g. gateway); * Google gRPC side requests from Envoy proxies (e.g. Stackdriver extensions); * Istiod xDS server; * Istiod injection and validation webhook servers.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 23 00:16:21 UTC 2024 - 1.2K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
// auto-mtls label is set - clients will attempt to connect using mtls, and // gRPC doesn't support permissive. if node.Labels[label.SecurityTlsMode.Name] == "istio" && mode == model.MTLSPermissive { mode = model.MTLSStrict } var tlsContext *tls.DownstreamTlsContext if mode != model.MTLSDisable && mode != model.MTLSUnknown { tlsContext = &tls.DownstreamTlsContext{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0) -
pkg/features/security.go
var ( CompliancePolicy = env.Register("COMPLIANCE_POLICY", "", `If set, applies policy-specific restrictions over all existing TLS settings, including in-mesh mTLS and external TLS. Valid values are: * '' or unset places no additional restrictions. * 'fips-140-2' which enforces a version of the TLS protocol and a subset of cipher suites overriding any user preferences or defaults for all runtime
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 23 00:16:21 UTC 2024 - 1.6K bytes - Viewed (0) -
pkg/hbone/README.md
}, TLS: nil, // TLS is strongly recommended in real world }) client, _ := d.Dial("tcp", testAddr) client.Write([]byte("hello world")) ``` ### Server #### Server CLI A CLI client is available using the `server` binary. Usage examples: ```shell go install ./pkg/test/echo/cmd/server # Serve on port 15008 (default) with TLS
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jul 11 16:27:16 UTC 2022 - 1.6K bytes - Viewed (0) -
releasenotes/notes/34118.yaml
issue: - 33809 releaseNotes: - | **Added** Auto mTLS support for workload level peer authentication. You no longer need to configure destination rule when servers are configured with workload level peer authentication policy. This can be disabled by setting ENABLE_AUTO_MTLS_CHECK_POLICIES to "false". docs:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jul 21 19:02:56 UTC 2021 - 480 bytes - Viewed (0) -
tests/integration/ambient/testdata/plaintext-to-permissive.yaml
metadata: name: default annotations: test-suite: plaintext-to-permissive spec: mtls: mode: PERMISSIVE --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: default annotations: test-suite: plaintext-to-permissive spec: host: "*.local" trafficPolicy: tls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 16 18:55:23 UTC 2023 - 397 bytes - Viewed (0) -
tests/testdata/networking/sidecar-without-service/configs.yaml
- hosts: - "./*" --- # Authentication policy to enable mutual TLS for all services (that have sidecar) in the mesh. apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default namespace: istio-config spec: mtls: mode: STRICT --- # Corresponding destination rule to configure client side to use mutual TLS when talking to # any service (host) in the mesh.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jan 04 17:16:38 UTC 2021 - 1.9K bytes - Viewed (0) -
pkg/config/analysis/analyzers/testdata/destinationrule-mutual-port.yaml
# No caCertificates when mode is mutual at port level apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: db-mtls spec: host: mydbserver.prod.svc.cluster.local trafficPolicy: portLevelSettings: - port: number: 443 tls: mode: MUTUAL clientCertificate: /etc/certs/myclientcert.pem privateKey: /etc/certs/client_private_key.pem
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Nov 17 12:28:05 UTC 2021 - 472 bytes - Viewed (0) -
tests/integration/security/reachability_test.go
expectCrossNetwork: never, expectSuccess: always, }, // --------start of auto mtls partial test cases --------------- // The follow three consecutive test together ensures the auto mtls works as intended // for sidecar migration scenario. { name: "migration no tls", configs: config.Sources{ config.File("testdata/reachability/global-peer-authn.yaml.tmpl"),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 20.6K bytes - Viewed (0)