- Sort Score
- Result 10 results
- Languages All
Results 51 - 60 of 390 for mtls (0.1 sec)
-
tests/integration/security/ca_custom_root/trust_domain_alias_secure_naming_test.go
kind: PeerAuthentication metadata: name: "mtls" spec: mtls: mode: STRICT --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: "server-naked" spec: host: "*.local" trafficPolicy: tls: mode: ISTIO_MUTUAL ` ) // TestTrustDomainAliasSecureNaming scope:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 3.7K bytes - Viewed (0) -
pilot/pkg/security/authn/policy_applier_test.go
}), }, }, }, { name: "beta-mtls", peerIn: []*config.Config{ { Spec: &v1beta1.PeerAuthentication{ Mtls: &v1beta1.PeerAuthentication_MutualTLS{ Mode: v1beta1.PeerAuthentication_MutualTLS_STRICT, }, }, }, }, expected: nil, }, { name: "beta-mtls-disable", peerIn: []*config.Config{ {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 01 07:32:22 UTC 2023 - 60.2K bytes - Viewed (0) -
pilot/pkg/xds/endpoints/ep_filters.go
} } // EndpointsWithMTLSFilter removes all endpoints that do not handle mTLS. This is determined by looking at // auto-mTLS, DestinationRule, and PeerAuthentication to determine if we would send mTLS to these endpoints. // Note there is no guarantee these destinations *actually* handle mTLS; just that we are configured to send mTLS to them.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 9.1K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-permissive-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: permissive-mtls spec: mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 132 bytes - Viewed (0) -
internal/logger/help.go
Sensitive: true, Secret: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for webhook authentication", Optional: true, Type: "string", Sensitive: true, },
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Mar 07 20:17:46 UTC 2024 - 6.4K bytes - Viewed (0) -
architecture/security/istio-agent.md
1. The `caClient` will be configured to use either JWT or mTLS authentication. For JWT authentication, gRPC's `PerRPCCredentials` is configured with a `TokenProvider` which handles the logic of adding the proper JWT to each request. mTLS is configured by a tls.Config that points to files on disk. It should be noted there is a circular dependency with mTLS authentication; in order to fetch a certificate we need
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Aug 22 16:45:50 UTC 2023 - 7.2K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-mtls spec: mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 125 bytes - Viewed (0) -
pilot/pkg/security/authn/factory.go
// It may return nil, if no authentication is needed. AuthNFilter(forSidecar bool) *hcm.HttpFilter // PortLevelSetting returns port level mTLS settings. PortLevelSetting() map[uint32]model.MutualTLSMode MtlsPolicy } type MtlsPolicy interface { // GetMutualTLSModeForPort gets the mTLS mode for the given port. If there is no port level setting, it // returns the inherited namespace/mesh level setting.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 3K bytes - Viewed (0) -
tests/integration/security/egress_sidecar_tls_origination_test.go
credWithCRL = "mtls-credential-generic-valid-crl" credWithDummyCRL = "mtls-credential-generic-dummy-crl" ) // Create a valid kubernetes secret to provision key/cert for sidecar. ingressutil.CreateIngressKubeSecretInNamespace(t, credNameGeneric, ingressutil.Mtls, ingressutil.IngressCredential{ Certificate: file.AsStringOrFail(t, path.Join(env.IstioSrc, "tests/testdata/certs/dns/cert-chain.pem")),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 10.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-workload-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-mtls spec: selector: matchLabels: app: a mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 166 bytes - Viewed (0)