Search Options

Results per page
Sort
Preferred Languages
Advance

Results 31 - 40 of 390 for mtls (0.04 sec)

  2. github.com/istio/istio

    pkg/kube/inject/testdata/inject/hello-mount-mtls-certs.yaml.injected 

    John Howard <******@****.***> 1709052916 -0800
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Feb 27 16:55:16 UTC 2024
    - 6.8K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-and-strict-port-mtls.yaml 

    John Howard <******@****.***> 1709232034 -0800
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Feb 29 18:40:34 UTC 2024
    - Viewed (0)
  4. github.com/istio/istio

    tests/integration/security/pass_through_filter_chain_test.go 

    					// The request should be denied on port 8085 and 8071.
					name: "STRICT with DISABLE",
					config: `apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: {{ .To.ServiceName }}-mtls
spec:
  selector:
    matchLabels:
      app: {{ .To.ServiceName }}
  mtls:
    mode: STRICT
  portLevelMtls:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 08 22:02:59 UTC 2024
    - 11.9K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pkg/test/framework/features/allowlist.txt 

    cni,TestCNIReachability/global-mtls-on/headless->grpc://b:grpc
cni,TestCNIReachability/global-mtls-on/headless->grpc://headless:grpc
cni,TestCNIReachability/global-mtls-on/headless->grpc://multiversion:grpc
cni,TestCNIReachability/global-mtls-on/headless->grpc://naked:grpc
cni,TestCNIReachability/global-mtls-on/headless->http://a:http
cni,TestCNIReachability/global-mtls-on/headless->http://b:http
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Oct 18 18:03:23 UTC 2022
    - 103.9K bytes
    - Viewed (0)
  6. github.com/istio/istio

    pilot/pkg/credentials/kube/secrets_test.go 

    			namespace: "default",
			cert:      "tls-mtls-cert",
			key:       "tls-mtls-key",
			caCert:    "tls-mtls-ca",
		},
		{
			name:      "tls-mtls-crl",
			namespace: "default",
			cert:      "tls-mtls-cert",
			key:       "tls-mtls-key",
			caCert:    "tls-mtls-ca",
			crl:       "tls-mtls-crl",
			caCrl:     "tls-mtls-crl",
		},
		{
			name:            "tls-mtls-split",
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Feb 23 19:18:21 UTC 2024
    - 18.4K bytes
    - Viewed (0)
  7. github.com/istio/istio

    pilot/pkg/networking/core/filterchain_options.go 

    			return inboundPlainTextTCPFilterChainMatchOptions
		}
	}
}

func (opt FilterChainMatchOptions) ToTransportSocket(mtls authn.MTLSSettings) *tls.DownstreamTlsContext {
	if !opt.TLS {
		return nil
	}
	if opt.Protocol == networking.ListenerProtocolHTTP {
		return mtls.HTTP
	}
	return mtls.TCP
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Mar 28 17:09:02 UTC 2024
    - 8.4K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pilot/pkg/networking/core/peer_authentication_simulation_test.go 

    				{
					Name:   "mtls on port 8000",
					Call:   mkCall(8000, simulation.MTLS),
					Result: simulation.Result{ClusterMatched: "inbound|8000||"},
				},
				{
					Name:   "plaintext port 9000",
					Call:   mkCall(9000, simulation.Plaintext),
					Result: simulation.Result{ClusterMatched: "InboundPassthroughCluster"},
				},
				{
					Name:   "mtls port 9000",
					Call:   mkCall(9000, simulation.MTLS),
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 01:56:28 UTC 2024
    - 16.2K bytes
    - Viewed (0)
  9. github.com/istio/istio

    tests/integration/security/testdata/authz/plaintext.yaml.tmpl 

    # This configures all services within the namespace to use mTLS with permissive mode (allowing plaintext).

apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: ns-default
  namespace: {{ .To.NamespaceName }}
spec:
  mtls:
    mode: PERMISSIVE

---
# This configures requests to any service in the namespace to use mTLS.

apiVersion: networking.istio.io/v1beta1
kind: DestinationRule
metadata:
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 08 07:03:01 UTC 2023
    - 1.3K bytes
    - Viewed (0)
  10. github.com/istio/istio

    pilot/pkg/xds/sds_test.go 

    		Cert   string
		CaCert string
		CaCrl  string
	}
	allResources := []string{
		"kubernetes://generic", "kubernetes://generic-mtls", "kubernetes://generic-mtls-cacert",
		"kubernetes://generic-mtls-split", "kubernetes://generic-mtls-split-cacert", "kubernetes://generic-mtls-crl",
		"kubernetes://generic-mtls-crl-cacert",
	}
	cases := []struct {
		name                 string
		proxy                *model.Proxy
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 13 20:55:20 UTC 2024
    - 17.7K bytes
    - Viewed (0)
  11. github.com/istio/istio

    tests/integration/security/sds_ingress/ingress_test.go 

    }

// TestSingleMTLSGateway_ServerKeyCertRotation tests a single mTLS ingress gateway with SDS enabled.
// Verifies behavior in these scenarios.
// (1) create two kubernetes secrets to provision server key/cert and client CA cert, and
// verify that mTLS connection could establish to deliver HTTPS request.
// (2) replace kubernetes secret to rotate server key/cert, and verify that mTLS connection could
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 08 22:02:59 UTC 2024
    - 32.7K bytes
    - Viewed (0)
Back to top