- Sort Score
- Result 10 results
- Languages All
Results 41 - 50 of 196 for mtls (0.04 sec)
-
releasenotes/notes/30705.yaml
apiVersion: release-notes/v2 kind: feature area: networking issue: - 28798 releaseNotes: - | **Fixed** When using PeerAuthentication to turn off mTLS while using multi-network, non-mtls endpoints will be
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Mar 30 17:53:03 UTC 2021 - 290 bytes - Viewed (0) -
tests/integration/security/ca_custom_root/trust_domain_alias_secure_naming_test.go
kind: PeerAuthentication metadata: name: "mtls" spec: mtls: mode: STRICT --- apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: "server-naked" spec: host: "*.local" trafficPolicy: tls: mode: ISTIO_MUTUAL ` ) // TestTrustDomainAliasSecureNaming scope:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 3.7K bytes - Viewed (0) -
pilot/pkg/xds/endpoints/ep_filters.go
} } // EndpointsWithMTLSFilter removes all endpoints that do not handle mTLS. This is determined by looking at // auto-mTLS, DestinationRule, and PeerAuthentication to determine if we would send mTLS to these endpoints. // Note there is no guarantee these destinations *actually* handle mTLS; just that we are configured to send mTLS to them.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 9.1K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-permissive-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: permissive-mtls spec: mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 132 bytes - Viewed (0) -
internal/logger/help.go
Sensitive: true, Secret: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for webhook authentication", Optional: true, Type: "string", Sensitive: true, },
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Thu Mar 07 20:17:46 UTC 2024 - 6.4K bytes - Viewed (0) -
architecture/security/istio-agent.md
1. The `caClient` will be configured to use either JWT or mTLS authentication. For JWT authentication, gRPC's `PerRPCCredentials` is configured with a `TokenProvider` which handles the logic of adding the proper JWT to each request. mTLS is configured by a tls.Config that points to files on disk. It should be noted there is a circular dependency with mTLS authentication; in order to fetch a certificate we need
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Aug 22 16:45:50 UTC 2023 - 7.2K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-mtls spec: mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 125 bytes - Viewed (0) -
pilot/pkg/security/authn/factory.go
// It may return nil, if no authentication is needed. AuthNFilter(forSidecar bool) *hcm.HttpFilter // PortLevelSetting returns port level mTLS settings. PortLevelSetting() map[uint32]model.MutualTLSMode MtlsPolicy } type MtlsPolicy interface { // GetMutualTLSModeForPort gets the mTLS mode for the given port. If there is no port level setting, it // returns the inherited namespace/mesh level setting.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 3K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/testdata/peer-authn-strict-workload-in.yaml
apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: name: strict-mtls spec: selector: matchLabels: app: a mtls:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Feb 29 18:40:34 UTC 2024 - 166 bytes - Viewed (0) -
tests/integration/security/sds_ingress/quic/ingress_test.go
ingressutil.RunTestMultiQUICGateways(t, inst, ingressutil.TLS, namespace.Future(&echo1NS)) }) }) } // TestMtlsGatewaysWithQUIC deploys multiple mTLS gateways with SDS enabled, and creates kubernetes that store // private key, server certificate and CA certificate for each mTLS gateway. Verifies that client can communicate // by using both QUIC and TCP/mTLS func TestMtlsGatewaysWithQUIC(t *testing.T) { // nolint: staticcheck
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 08 22:02:59 UTC 2024 - 3.6K bytes - Viewed (0)