Interface UpstreamTlsContextOrBuilder
- All Superinterfaces:
com.google.protobuf.MessageLiteOrBuilder
,com.google.protobuf.MessageOrBuilder
- All Known Implementing Classes:
UpstreamTlsContext
,UpstreamTlsContext.Builder
public interface UpstreamTlsContextOrBuilder
extends com.google.protobuf.MessageOrBuilder
-
Method Summary
Modifier and TypeMethodDescriptionboolean
If true, server-initiated TLS renegotiation will be allowed.Common TLS context settings.Common TLS context settings.com.google.protobuf.BoolValue
This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.com.google.protobuf.BoolValueOrBuilder
This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.com.google.protobuf.UInt32Value
Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.com.google.protobuf.UInt32ValueOrBuilder
Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.getSni()
SNI string to use when creating TLS backend connections.com.google.protobuf.ByteString
SNI string to use when creating TLS backend connections.boolean
Common TLS context settings.boolean
This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.boolean
Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder
isInitialized
Methods inherited from interface com.google.protobuf.MessageOrBuilder
findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof
-
Method Details
-
hasCommonTlsContext
boolean hasCommonTlsContext()Common TLS context settings. .. attention:: Server certificate verification is not enabled by default. Configure :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable verification.
.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
- Returns:
- Whether the commonTlsContext field is set.
-
getCommonTlsContext
CommonTlsContext getCommonTlsContext()Common TLS context settings. .. attention:: Server certificate verification is not enabled by default. Configure :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable verification.
.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
- Returns:
- The commonTlsContext.
-
getCommonTlsContextOrBuilder
CommonTlsContextOrBuilder getCommonTlsContextOrBuilder()Common TLS context settings. .. attention:: Server certificate verification is not enabled by default. Configure :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable verification.
.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
-
getSni
String getSni()SNI string to use when creating TLS backend connections.
string sni = 2 [(.validate.rules) = { ... }
- Returns:
- The sni.
-
getSniBytes
com.google.protobuf.ByteString getSniBytes()SNI string to use when creating TLS backend connections.
string sni = 2 [(.validate.rules) = { ... }
- Returns:
- The bytes for sni.
-
getAllowRenegotiation
boolean getAllowRenegotiation()If true, server-initiated TLS renegotiation will be allowed. .. attention:: TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
bool allow_renegotiation = 3;
- Returns:
- The allowRenegotiation.
-
hasMaxSessionKeys
boolean hasMaxSessionKeys()Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption. Defaults to 1, setting this to 0 disables session resumption.
.google.protobuf.UInt32Value max_session_keys = 4;
- Returns:
- Whether the maxSessionKeys field is set.
-
getMaxSessionKeys
com.google.protobuf.UInt32Value getMaxSessionKeys()Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption. Defaults to 1, setting this to 0 disables session resumption.
.google.protobuf.UInt32Value max_session_keys = 4;
- Returns:
- The maxSessionKeys.
-
getMaxSessionKeysOrBuilder
com.google.protobuf.UInt32ValueOrBuilder getMaxSessionKeysOrBuilder()Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption. Defaults to 1, setting this to 0 disables session resumption.
.google.protobuf.UInt32Value max_session_keys = 4;
-
hasEnforceRsaKeyUsage
boolean hasEnforceRsaKeyUsage()This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off) but it is expected to be changed to true by default in a future release. ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate configurations that would fail if this option were set to true.
.google.protobuf.BoolValue enforce_rsa_key_usage = 5;
- Returns:
- Whether the enforceRsaKeyUsage field is set.
-
getEnforceRsaKeyUsage
com.google.protobuf.BoolValue getEnforceRsaKeyUsage()This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off) but it is expected to be changed to true by default in a future release. ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate configurations that would fail if this option were set to true.
.google.protobuf.BoolValue enforce_rsa_key_usage = 5;
- Returns:
- The enforceRsaKeyUsage.
-
getEnforceRsaKeyUsageOrBuilder
com.google.protobuf.BoolValueOrBuilder getEnforceRsaKeyUsageOrBuilder()This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off) but it is expected to be changed to true by default in a future release. ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate configurations that would fail if this option were set to true.
.google.protobuf.BoolValue enforce_rsa_key_usage = 5;
-