- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 106 for mtls (0.06 sec)
-
tests/integration/security/reachability_test.go
expectCrossNetwork: never, expectSuccess: always, }, // --------start of auto mtls partial test cases --------------- // The follow three consecutive test together ensures the auto mtls works as intended // for sidecar migration scenario. { name: "migration no tls", configs: config.Sources{ config.File("testdata/reachability/global-peer-authn.yaml.tmpl"),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 20.6K bytes - Viewed (0) -
pilot/pkg/security/authn/policy_applier.go
} } } return outputPolicy } func isMtlsModeUnset(mtls *v1beta1.PeerAuthentication_MutualTLS) bool { return mtls == nil || mtls.Mode == v1beta1.PeerAuthentication_MutualTLS_UNSET
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Feb 23 09:47:21 UTC 2024 - 19.2K bytes - Viewed (0) -
tests/integration/security/sds_ingress/util/util.go
) const ( // The ID/name for the certificate chain in kubernetes tls secret. tlsScrtCert = "tls.crt" // The ID/name for the k8sKey in kubernetes tls secret. tlsScrtKey = "tls.key" // The ID/name for the CA certificate in kubernetes tls secret tlsScrtCaCert = "ca.crt" // The ID/name for the CRL in kubernetes tls secret tlsScrtCaCrl = "ca.crl"
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jul 25 05:12:36 UTC 2023 - 20.2K bytes - Viewed (0) -
pilot/pkg/serviceregistry/serviceentry/conversion_test.go
makeInstance(httpStatic, "2.2.2.2", 18080, httpStatic.Spec.(*networking.ServiceEntry).Ports[1], nil, MTLS), makeInstance(httpStatic, "3.3.3.3", 1080, httpStatic.Spec.(*networking.ServiceEntry).Ports[0], nil, MTLS), makeInstance(httpStatic, "3.3.3.3", 8080, httpStatic.Spec.(*networking.ServiceEntry).Ports[1], nil, MTLS),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 39K bytes - Viewed (0) -
tests/integration/security/egress_gateway_origination_test.go
var ( credNameGeneric = "mtls-credential-generic" credNameNotGeneric = "mtls-credential-not-generic" fakeCredNameA = "fake-mtls-credential-a" credNameMissing = "mtls-credential-not-created" simpleCredName = "tls-credential-simple-cacert" credWithCRL = "mtls-credential-crl" credWithDummyCRL = "mtls-credential-dummy-crl" )
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 15.4K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_inbound.go
// to handle mTLS vs plaintext and HTTP vs TCP (depending on protocol and PeerAuthentication). var opts []FilterChainMatchOptions mtls := lb.authnBuilder.ForPort(cc.port.TargetPort) // Chain has explicit user TLS config. This can only apply when the TLS mode is DISABLE to avoid conflicts. if cc.tlsSettings != nil && mtls.Mode == model.MTLSDisable {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 35.1K bytes - Viewed (0) -
pilot/pkg/simulation/traffic.go
} // For simplicity, set SNI automatically for TLS traffic. if c.Sni == "" && (c.TLS == TLS) { c.Sni = c.HostHeader } if c.Path == "" { c.Path = "/" } if c.TLS == "" { c.TLS = Plaintext } if c.Address == "" { // pick a random address, assumption is the test does not care c.Address = "1.3.3.7" } if c.TLS == MTLS && c.Alpn == "" { c.Alpn = protocolToMTLSAlpn(c.Protocol)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 19.4K bytes - Viewed (0) -
docs/config/README.md
path_prefix (path) namespace prefix to isolate tenants e.g. "customer1/" coredns_path (path) shared bucket DNS records, default is "/skydns" client_cert (path) client cert for mTLS authentication client_cert_key (path) client cert key for mTLS authentication comment (sentence) optionally add a comment to this setting ``` or environment variables ``` KEY:
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Mon Sep 11 21:48:54 UTC 2023 - 17.7K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
// auto-mtls label is set - clients will attempt to connect using mtls, and // gRPC doesn't support permissive. if node.Labels[label.SecurityTlsMode.Name] == "istio" && mode == model.MTLSPermissive { mode = model.MTLSStrict } var tlsContext *tls.DownstreamTlsContext if mode != model.MTLSDisable && mode != model.MTLSUnknown { tlsContext = &tls.DownstreamTlsContext{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0) -
tests/integration/telemetry/api/stats_test.go
// clt(https:443) -> sidecar(tls:443) -> istio-mtls -> (TLS:443)egress-gateway-> vs(tcp:443) -> cnn.com t.ConfigIstio().File(apps.Namespace.Name(), filepath.Join(base, "istio-mtls-dest-rule.yaml")).ApplyOrFail(t) t.ConfigIstio().File(apps.Namespace.Name(), filepath.Join(base, "istio-mtls-gateway.yaml")).ApplyOrFail(t) t.ConfigIstio().File(apps.Namespace.Name(), filepath.Join(base, "istio-mtls-vs.yaml")).ApplyOrFail(t)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 17.3K bytes - Viewed (0)