- Sort Score
- Result 10 results
- Languages All
Results 71 - 80 of 390 for mtls (0.31 sec)
-
tests/integration/pilot/grpc_probe_test.go
} ns := namespace.NewOrFail(t, t, namespace.Config{Prefix: "grpc-probe", Inject: true}) // apply strict mtls t.ConfigKube(t.Clusters().Configs()...).YAML(ns.Name(), ` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: grpc-probe-mtls spec: mtls: mode: STRICT`).ApplyOrFail(t) for _, testCase := range []struct { name string rewrite bool
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 2.8K bytes - Viewed (0) -
tests/integration/security/mtls_healthcheck_test.go
) { ctx.Helper() wantSuccess := rewrite policyYAML := fmt.Sprintf(`apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: "mtls-strict-for-%v" spec: selector: matchLabels: app: "%v" mtls: mode: STRICT `, name, name) ctx.ConfigIstio().YAML(ns.Name(), policyYAML).ApplyOrFail(ctx) var healthcheck echo.Instance cfg := echo.Config{ Namespace: ns,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 2.9K bytes - Viewed (0) -
manifests/addons/dashboards/istio-service-dashboard.json
"format": "time_series", "intervalFactor": 1, "legendFormat": "{{ source_workload }}.{{ source_workload_namespace }} : {{ response_code }} (🔐mTLS)", "refId": "A", "step": 2 }, { "datasource": { "type": "prometheus", "uid": "${datasource}" },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Mar 27 03:47:04 UTC 2024 - 111.8K bytes - Viewed (0) -
releasenotes/notes/passthrough-tls.yaml
apiVersion: release-notes/v2 kind: bug-fix area: security issue: - 31297 releaseNotes: - |
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 25 12:04:03 UTC 2021 - 231 bytes - Viewed (0) -
tests/integration/security/ca_custom_root/secure_naming_test.go
// - The certificate issued by CA to the sidecar is as expected and that strict mTLS works as expected. // - The plugin CA certs are correctly used in workload mTLS. // - The CA certificate in the configmap of each namespace is as expected, which // // is used for data plane to control plane TLS authentication. // // - Secure naming information is respected in the mTLS handshake. func TestSecureNaming(t *testing.T) { framework.NewTest(t).
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 7.5K bytes - Viewed (0) -
pilot/pkg/networking/core/sidecar_simulation_test.go
}, Strict: simulation.Result{ // TLS, but not mTLS Error: simulation.ErrMTLSError, }, }, { Name: "mtls to http", Call: simulation.Call{ Port: 80, Protocol: simulation.HTTP, TLS: simulation.MTLS, CallMode: simulation.CallModeInbound, }, Disabled: simulation.Result{ // TLS is not terminated, so we will attempt to decode as HTTP and fail
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 84.7K bytes - Viewed (0) -
internal/config/etcd/help.go
Type: "path", }, config.HelpKV{ Key: ClientCert, Description: `client cert for mTLS authentication` + defaultHelpPostfix(ClientCert), Optional: true, Type: "path", Sensitive: true, }, config.HelpKV{ Key: ClientCertKey, Description: `client cert key for mTLS authentication` + defaultHelpPostfix(ClientCertKey), Optional: true, Type: "path",
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Wed Apr 27 03:11:37 UTC 2022 - 2.1K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_inbound.go
// to handle mTLS vs plaintext and HTTP vs TCP (depending on protocol and PeerAuthentication). var opts []FilterChainMatchOptions mtls := lb.authnBuilder.ForPort(cc.port.TargetPort) // Chain has explicit user TLS config. This can only apply when the TLS mode is DISABLE to avoid conflicts. if cc.tlsSettings != nil && mtls.Mode == model.MTLSDisable {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 35.1K bytes - Viewed (0) -
pkg/config/crd/validator_test.go
kind: PeerAuthentication metadata: name: default spec: mtls: mode: STRICT `, nil); err != nil { t.Fatal(err) } }) t.Run("invalid", func(t *testing.T) { if err := validator.ValidateCustomResourceYAML(` apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: default spec: mtls: mode: BAD `, nil); err == nil { t.Fatal("expected error but got none")
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 15:38:40 UTC 2023 - 1.2K bytes - Viewed (0) -
tests/integration/security/testdata/reachability/global-peer-authn.yaml.tmpl
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: "default" spec: mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jul 06 18:43:28 UTC 2022 - 131 bytes - Viewed (0)