程序包 istio.networking.v1alpha3

接口 GatewayOuterClass.ServerTLSSettingsOrBuilder

    • 方法概要

      所有方法 实例方法 抽象方法 
      修饰符和类型 方法 说明
      java.lang.String getCaCertificates()
      REQUIRED if mode is `MUTUAL`.
      com.google.protobuf.ByteString getCaCertificatesBytes()
      REQUIRED if mode is `MUTUAL`.
      java.lang.String getCipherSuites​(int index)
      Optional: If specified, only support the specified cipher list.
      com.google.protobuf.ByteString getCipherSuitesBytes​(int index)
      Optional: If specified, only support the specified cipher list.
      int getCipherSuitesCount()
      Optional: If specified, only support the specified cipher list.
      java.util.List<java.lang.String> getCipherSuitesList()
      Optional: If specified, only support the specified cipher list.
      java.lang.String getCredentialName()
      For gateways running on Kubernetes, the name of the secret that holds the TLS certs including the CA certificates.
      com.google.protobuf.ByteString getCredentialNameBytes()
      For gateways running on Kubernetes, the name of the secret that holds the TLS certs including the CA certificates.
      boolean getHttpsRedirect()
      If set to true, the load balancer will send a 301 redirect for all http connections, asking the clients to use HTTPS.
      GatewayOuterClass.ServerTLSSettings.TLSProtocol getMaxProtocolVersion()
      Optional: Maximum TLS protocol version.
      int getMaxProtocolVersionValue()
      Optional: Maximum TLS protocol version.
      GatewayOuterClass.ServerTLSSettings.TLSProtocol getMinProtocolVersion()
      Optional: Minimum TLS protocol version.
      int getMinProtocolVersionValue()
      Optional: Minimum TLS protocol version.
      GatewayOuterClass.ServerTLSSettings.TLSmode getMode()
      Optional: Indicates whether connections to this port should be secured using TLS.
      int getModeValue()
      Optional: Indicates whether connections to this port should be secured using TLS.
      java.lang.String getPrivateKey()
      REQUIRED if mode is `SIMPLE` or `MUTUAL`.
      com.google.protobuf.ByteString getPrivateKeyBytes()
      REQUIRED if mode is `SIMPLE` or `MUTUAL`.
      java.lang.String getServerCertificate()
      REQUIRED if mode is `SIMPLE` or `MUTUAL`.
      com.google.protobuf.ByteString getServerCertificateBytes()
      REQUIRED if mode is `SIMPLE` or `MUTUAL`.
      java.lang.String getSubjectAltNames​(int index)
      A list of alternate names to verify the subject identity in the certificate presented by the client.
      com.google.protobuf.ByteString getSubjectAltNamesBytes​(int index)
      A list of alternate names to verify the subject identity in the certificate presented by the client.
      int getSubjectAltNamesCount()
      A list of alternate names to verify the subject identity in the certificate presented by the client.
      java.util.List<java.lang.String> getSubjectAltNamesList()
      A list of alternate names to verify the subject identity in the certificate presented by the client.
      java.lang.String getVerifyCertificateHash​(int index)
      An optional list of hex-encoded SHA-256 hashes of the authorized client certificates.
      com.google.protobuf.ByteString getVerifyCertificateHashBytes​(int index)
      An optional list of hex-encoded SHA-256 hashes of the authorized client certificates.
      int getVerifyCertificateHashCount()
      An optional list of hex-encoded SHA-256 hashes of the authorized client certificates.
      java.util.List<java.lang.String> getVerifyCertificateHashList()
      An optional list of hex-encoded SHA-256 hashes of the authorized client certificates.
      java.lang.String getVerifyCertificateSpki​(int index)
      An optional list of base64-encoded SHA-256 hashes of the SKPIs of authorized client certificates.
      com.google.protobuf.ByteString getVerifyCertificateSpkiBytes​(int index)
      An optional list of base64-encoded SHA-256 hashes of the SKPIs of authorized client certificates.
      int getVerifyCertificateSpkiCount()
      An optional list of base64-encoded SHA-256 hashes of the SKPIs of authorized client certificates.
      java.util.List<java.lang.String> getVerifyCertificateSpkiList()
      An optional list of base64-encoded SHA-256 hashes of the SKPIs of authorized client certificates.

      • 从接口继承的方法 com.google.protobuf.MessageLiteOrBuilder

        isInitialized

      • 从接口继承的方法 com.google.protobuf.MessageOrBuilder

        findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

    • 方法详细资料

      • getHttpsRedirect

        boolean getHttpsRedirect()
         If set to true, the load balancer will send a 301 redirect for
 all http connections, asking the clients to use HTTPS.
        bool https_redirect = 1;

      • getModeValue

        int getModeValue()
         Optional: Indicates whether connections to this port should be
 secured using TLS. The value of this field determines how TLS is
 enforced.
        .istio.networking.v1alpha3.ServerTLSSettings.TLSmode mode = 2;

      • getMode

        GatewayOuterClass.ServerTLSSettings.TLSmode getMode()
         Optional: Indicates whether connections to this port should be
 secured using TLS. The value of this field determines how TLS is
 enforced.
        .istio.networking.v1alpha3.ServerTLSSettings.TLSmode mode = 2;

      • getServerCertificate

        java.lang.String getServerCertificate()
         REQUIRED if mode is `SIMPLE` or `MUTUAL`. The path to the file
 holding the server-side TLS certificate to use.
        string server_certificate = 3;

      • getServerCertificateBytes

        com.google.protobuf.ByteString getServerCertificateBytes()
         REQUIRED if mode is `SIMPLE` or `MUTUAL`. The path to the file
 holding the server-side TLS certificate to use.
        string server_certificate = 3;

      • getPrivateKey

        java.lang.String getPrivateKey()
         REQUIRED if mode is `SIMPLE` or `MUTUAL`. The path to the file
 holding the server's private key.
        string private_key = 4;

      • getPrivateKeyBytes

        com.google.protobuf.ByteString getPrivateKeyBytes()
         REQUIRED if mode is `SIMPLE` or `MUTUAL`. The path to the file
 holding the server's private key.
        string private_key = 4;

      • getCaCertificates

        java.lang.String getCaCertificates()
         REQUIRED if mode is `MUTUAL`. The path to a file containing
 certificate authority certificates to use in verifying a presented
 client side certificate.
        string ca_certificates = 5;

      • getCaCertificatesBytes

        com.google.protobuf.ByteString getCaCertificatesBytes()
         REQUIRED if mode is `MUTUAL`. The path to a file containing
 certificate authority certificates to use in verifying a presented
 client side certificate.
        string ca_certificates = 5;

      • getCredentialName

        java.lang.String getCredentialName()
         For gateways running on Kubernetes, the name of the secret that
 holds the TLS certs including the CA certificates. Applicable
 only on Kubernetes. The secret (of type `generic`) should
 contain the following keys and values: `key:
 <privateKey>` and `cert: <serverCert>`. For mutual TLS, 
 `cacert: <CACertificate>` can be provided in the same secret or 
 a separate secret named `<secret>-cacert`.
 Secret of type tls for server certificates along with
 ca.crt key for CA certificates is also supported.
 Only one of server certificates and CA certificate
 or credentialName can be specified.
        string credential_name = 10;

      • getCredentialNameBytes

        com.google.protobuf.ByteString getCredentialNameBytes()
         For gateways running on Kubernetes, the name of the secret that
 holds the TLS certs including the CA certificates. Applicable
 only on Kubernetes. The secret (of type `generic`) should
 contain the following keys and values: `key:
 <privateKey>` and `cert: <serverCert>`. For mutual TLS, 
 `cacert: <CACertificate>` can be provided in the same secret or 
 a separate secret named `<secret>-cacert`.
 Secret of type tls for server certificates along with
 ca.crt key for CA certificates is also supported.
 Only one of server certificates and CA certificate
 or credentialName can be specified.
        string credential_name = 10;

      • getSubjectAltNamesList

        java.util.List<java.lang.String> getSubjectAltNamesList()
         A list of alternate names to verify the subject identity in the
 certificate presented by the client.
        repeated string subject_alt_names = 6;

      • getSubjectAltNamesCount

        int getSubjectAltNamesCount()
         A list of alternate names to verify the subject identity in the
 certificate presented by the client.
        repeated string subject_alt_names = 6;

      • getSubjectAltNames

        java.lang.String getSubjectAltNames​(int index)
         A list of alternate names to verify the subject identity in the
 certificate presented by the client.
        repeated string subject_alt_names = 6;

      • getSubjectAltNamesBytes

        com.google.protobuf.ByteString getSubjectAltNamesBytes​(int index)
         A list of alternate names to verify the subject identity in the
 certificate presented by the client.
        repeated string subject_alt_names = 6;

      • getVerifyCertificateSpkiList

        java.util.List<java.lang.String> getVerifyCertificateSpkiList()
         An optional list of base64-encoded SHA-256 hashes of the SKPIs of
 authorized client certificates.
 Note: When both verify_certificate_hash and verify_certificate_spki
 are specified, a hash matching either value will result in the
 certificate being accepted.
        repeated string verify_certificate_spki = 11;

      • getVerifyCertificateSpkiCount

        int getVerifyCertificateSpkiCount()
         An optional list of base64-encoded SHA-256 hashes of the SKPIs of
 authorized client certificates.
 Note: When both verify_certificate_hash and verify_certificate_spki
 are specified, a hash matching either value will result in the
 certificate being accepted.
        repeated string verify_certificate_spki = 11;

      • getVerifyCertificateSpki

        java.lang.String getVerifyCertificateSpki​(int index)
         An optional list of base64-encoded SHA-256 hashes of the SKPIs of
 authorized client certificates.
 Note: When both verify_certificate_hash and verify_certificate_spki
 are specified, a hash matching either value will result in the
 certificate being accepted.
        repeated string verify_certificate_spki = 11;

      • getVerifyCertificateSpkiBytes

        com.google.protobuf.ByteString getVerifyCertificateSpkiBytes​(int index)
         An optional list of base64-encoded SHA-256 hashes of the SKPIs of
 authorized client certificates.
 Note: When both verify_certificate_hash and verify_certificate_spki
 are specified, a hash matching either value will result in the
 certificate being accepted.
        repeated string verify_certificate_spki = 11;

      • getVerifyCertificateHashList

        java.util.List<java.lang.String> getVerifyCertificateHashList()
         An optional list of hex-encoded SHA-256 hashes of the
 authorized client certificates. Both simple and colon separated
 formats are acceptable.
 Note: When both verify_certificate_hash and verify_certificate_spki
 are specified, a hash matching either value will result in the
 certificate being accepted.
        repeated string verify_certificate_hash = 12;

      • getVerifyCertificateHashCount

        int getVerifyCertificateHashCount()
         An optional list of hex-encoded SHA-256 hashes of the
 authorized client certificates. Both simple and colon separated
 formats are acceptable.
 Note: When both verify_certificate_hash and verify_certificate_spki
 are specified, a hash matching either value will result in the
 certificate being accepted.
        repeated string verify_certificate_hash = 12;

      • getVerifyCertificateHash

        java.lang.String getVerifyCertificateHash​(int index)
         An optional list of hex-encoded SHA-256 hashes of the
 authorized client certificates. Both simple and colon separated
 formats are acceptable.
 Note: When both verify_certificate_hash and verify_certificate_spki
 are specified, a hash matching either value will result in the
 certificate being accepted.
        repeated string verify_certificate_hash = 12;

      • getVerifyCertificateHashBytes

        com.google.protobuf.ByteString getVerifyCertificateHashBytes​(int index)
         An optional list of hex-encoded SHA-256 hashes of the
 authorized client certificates. Both simple and colon separated
 formats are acceptable.
 Note: When both verify_certificate_hash and verify_certificate_spki
 are specified, a hash matching either value will result in the
 certificate being accepted.
        repeated string verify_certificate_hash = 12;

      • getMinProtocolVersionValue

        int getMinProtocolVersionValue()
         Optional: Minimum TLS protocol version.
        .istio.networking.v1alpha3.ServerTLSSettings.TLSProtocol min_protocol_version = 7;

      • getMaxProtocolVersionValue

        int getMaxProtocolVersionValue()
         Optional: Maximum TLS protocol version.
        .istio.networking.v1alpha3.ServerTLSSettings.TLSProtocol max_protocol_version = 8;

      • getCipherSuitesList

        java.util.List<java.lang.String> getCipherSuitesList()
         Optional: If specified, only support the specified cipher list.
 Otherwise default to the default cipher list supported by Envoy.
        repeated string cipher_suites = 9;

      • getCipherSuitesCount

        int getCipherSuitesCount()
         Optional: If specified, only support the specified cipher list.
 Otherwise default to the default cipher list supported by Envoy.
        repeated string cipher_suites = 9;

      • getCipherSuites

        java.lang.String getCipherSuites​(int index)
         Optional: If specified, only support the specified cipher list.
 Otherwise default to the default cipher list supported by Envoy.
        repeated string cipher_suites = 9;

      • getCipherSuitesBytes

        com.google.protobuf.ByteString getCipherSuitesBytes​(int index)
         Optional: If specified, only support the specified cipher list.
 Otherwise default to the default cipher list supported by Envoy.
        repeated string cipher_suites = 9;