- Sort Score
- Result 10 results
- Languages All
Results 201 - 210 of 390 for mtls (0.1 sec)
-
tests/integration/pilot/testdata/upgrade/1.10.0-install.yaml.tar
/etc/istio/proxy name: istio-envoy {{- if eq .Values.global.jwtPolicy "third-party-jwt" }} - mountPath: /var/run/secrets/tokens name: istio-token {{- end }} {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - mountPath: /etc/certs/ name: istio-certs readOnly: true {{- end }} - name: istio-podinfo mountPath: /etc/istio/pod {{- if and (eq .Values.global.proxy.tracer "lightstep") .ProxyConfig.GetTracing.GetTlsSettings }} - mountPath: {{ directory...
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jun 01 19:57:24 UTC 2021 - 80K bytes - Viewed (0) -
pilot/pkg/security/model/authentication.go
tlsContext.TlsCertificateSdsSecretConfigs = []*tls.SdsSecretConfig{ ConstructSdsSecretConfig(model.GetOrDefault(res.GetResourceName(), SDSDefaultResourceName)), } } // ApplyCustomSDSToClientCommonTLSContext applies the customized sds to CommonTlsContext // Used for building upstream TLS context for egress gateway's TLS/mTLS origination func ApplyCustomSDSToClientCommonTLSContext(tlsContext *tls.CommonTlsContext,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 22:11:02 UTC 2024 - 9.9K bytes - Viewed (0) -
operator/cmd/mesh/testdata/manifest-generate/output/pilot_default.golden.yaml
name: istio-token {{- end }} {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - mountPath: /etc/certs/ name: istio-certs readOnly: true {{- end }} - name: istio-podinfo mountPath: /etc/istio/pod
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jan 10 05:10:03 UTC 2024 - 102.6K bytes - Viewed (0) -
manifests/charts/istiod-remote/files/injection-template.yaml
name: istio-envoy - mountPath: /var/run/secrets/tokens name: istio-token {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - mountPath: /etc/certs/ name: istio-certs readOnly: true {{- end }} - name: istio-podinfo mountPath: /etc/istio/pod
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 10 21:01:52 UTC 2024 - 23.8K bytes - Viewed (0) -
pkg/test/framework/components/echo/check/checkers.go
// Non-HTTP traffic. Fail open, we cannot check mTLS. return nil } if isMTLS(r) { return nil } return fmt.Errorf("expected X-Forwarded-Client-Cert but not found: %v", r) }) } func PlaintextForHTTP() echo.Checker { return Each(func(r echoClient.Response) error { if !isHTTPProtocol(r) { // Non-HTTP traffic. Fail open, we cannot check mTLS. return nil } if !isMTLS(r) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Mar 03 16:19:07 UTC 2023 - 17.5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/egressselector/config.go
allErrs = append(allErrs, field.Invalid( fldPath.Child("tlsConfig", "caBundle"), tlsConfig.CABundle, "TLS config ca bundle does not exist")) } } if tlsConfig.ClientCert == "" { allErrs = append(allErrs, field.Invalid( fldPath.Child("tlsConfig", "clientCert"), "nil", "Using TLS requires clientCert"))
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Jun 29 15:48:39 UTC 2023 - 8.6K bytes - Viewed (0) -
operator/cmd/mesh/testdata/manifest-generate/data-snapshot.tar.gz
See more details at: https://istio.io/docs/reference/config/security/peer_authentication.html' properties: mtls: description: Mutual TLS settings for workload. properties: mode: description: Defines the mTLS mode used for peer authentication. enum: - UNSET - DISABLE - PERMISSIVE - STRICT type: string type: object portLevelMtls: additionalProperties: properties: mode: description: Defines the mTLS mode used for peer authentication. enum: - UNSET - DISABLE - PERMISSIVE - STRICT type: string type: object...
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jan 10 05:10:03 UTC 2024 - 198.1K bytes - Viewed (0) -
tests/integration/pilot/testdata/upgrade/1.9.5-install.yaml.tar
/etc/istio/proxy name: istio-envoy {{- if eq .Values.global.jwtPolicy "third-party-jwt" }} - mountPath: /var/run/secrets/tokens name: istio-token {{- end }} {{- if .Values.global.mountMtlsCerts }} # Use the key and cert mounted to /etc/certs/ for the in-cluster mTLS communications. - mountPath: /etc/certs/ name: istio-certs readOnly: true {{- end }} - name: istio-podinfo mountPath: /etc/istio/pod {{- if and (eq .Values.global.proxy.tracer "lightstep") .ProxyConfig.GetTracing.GetTlsSettings }} - mountPath: {{ directory...
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jun 01 19:57:24 UTC 2021 - 80K bytes - Viewed (0) -
operator/README.md
##### --set syntax The CLI `--set` option can be used to override settings within the profile. For example, to enable auto mTLS, use `istioctl manifest generate --set values.global.mtls.auto=true --set values.global.controlPlaneSecurityEnabled=true` To override a setting that includes dots, escape them with a backslash (\). Your shell may require enclosing quotes. ``` bash
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Sep 17 08:27:52 UTC 2023 - 17.5K bytes - Viewed (0) -
pkg/security/security.go
OutputKeyCertToDir string // ProvCert is the directory for client to provide the key and certificate to CA server when authenticating // with mTLS. This is not used for workload mTLS communication, and is ProvCert string // ClusterID is the cluster where the agent resides. // Normally initialized from ISTIO_META_CLUSTER_ID - after a tortuous journey it
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0)