Navigation :
Installation
Tutorial
APIs
- aws.proto
- azure.proto
- circuit_breaker.proto
- connection.proto
- consul.proto
- descriptor.proto
- destination_rule.proto
- duration.proto
- extensions.proto
- fault.proto
- gateway.proto
- glooshot.proto
- glooshot.solo.io.project
- gogo.proto
- grpc.proto
- grpc_web.proto
- hcm.proto
- ingress.proto
- install.proto
- kubernetes.proto
- load_balancer.proto
- mesh.proto
- metadata.proto
- parameters.proto
- plugins.proto
- policy.proto
- prefix_rewrite.proto
- proxy.proto
- rbac.proto
- ref.proto
- rest.proto
- retries.proto
- routing.proto
- security.proto
- selector.proto
- service_spec.proto
- sidecar.proto
- solo-kit.proto
- ssl.proto
- static.proto
- status.proto
- struct.proto
- subset.proto
- subset_spec.proto
- timestamp.proto
- transformation.proto
- virtual_service.proto
- wrappers.proto
ssl.proto
Package: gloo.solo.io
Types:
SslConfig
SslConfig contains the options necessary to configure a virtual host or listener to use TLS
"secretRef" : .core.solo.io.ResourceRef
"sslFiles" : .gloo.solo.io.SSLFiles
"sds" : .gloo.solo.io.SDSConfig
"sniDomains" : [] string
"verifySubjectAltName" : [] string
"parameters" : .gloo.solo.io.SslParameters
Field
Type
Description
Default
secretRef
.core.solo.io.ResourceRef
SecretRef contains the secret ref to a gloo tls secret or a kubernetes tls secret. gloo tls secret can contain a root ca as well if verification is needed.
sslFiles
.gloo.solo.io.SSLFiles
SSLFiles reference paths to certificates which are local to the proxy
sds
.gloo.solo.io.SDSConfig
Use secret discovery service.
sniDomains
[]string
optional. the SNI domains that should be considered for TLS connections
verifySubjectAltName
[]string
Verify that the Subject Alternative Name in the peer certificate is one of the specified values. note that a root_ca must be provided if this option is used.
parameters
.gloo.solo.io.SslParameters
SSLFiles
SSLFiles reference paths to certificates which can be read by the proxy off of its local filesystem
"tlsCert" : string
"tlsKey" : string
"rootCa" : string
Field
Type
Description
Default
tlsCert
string
tlsKey
string
rootCa
string
for client cert validation. optional
UpstreamSslConfig
SslConfig contains the options necessary to configure a virtual host or listener to use TLS
"secretRef" : .core.solo.io.ResourceRef
"sslFiles" : .gloo.solo.io.SSLFiles
"sds" : .gloo.solo.io.SDSConfig
"sni" : string
"verifySubjectAltName" : [] string
"parameters" : .gloo.solo.io.SslParameters
Field
Type
Description
Default
secretRef
.core.solo.io.ResourceRef
SecretRef contains the secret ref to a gloo tls secret or a kubernetes tls secret. gloo tls secret can contain a root ca as well if verification is needed.
sslFiles
.gloo.solo.io.SSLFiles
SSLFiles reference paths to certificates which are local to the proxy
sds
.gloo.solo.io.SDSConfig
Use secret discovery service.
sni
string
optional. the SNI domains that should be considered for TLS connections
verifySubjectAltName
[]string
Verify that the Subject Alternative Name in the peer certificate is one of the specified values. note that a root_ca must be provided if this option is used.
parameters
.gloo.solo.io.SslParameters
SDSConfig
"targetUri" : string
"callCredentials" : .gloo.solo.io.CallCredentials
"certificatesSecretName" : string
"validationContextName" : string
Field
Type
Description
Default
targetUri
string
Target uri for the sds channel. currently only a unix domain socket is supported.
callCredentials
.gloo.solo.io.CallCredentials
Call credentials.
certificatesSecretName
string
The name of the secret containing the certificate
validationContextName
string
The name of secret containing the validation context (i.e. root ca)
CallCredentials
"fileCredentialSource" : .gloo.solo.io.CallCredentials.FileCredentialSource
FileCredentialSource
"tokenFileName" : string
"header" : string
Field
Type
Description
Default
tokenFileName
string
File containing auth token.
header
string
Header to carry the token.
SslParameters
General TLS parameters. See the envoy docs
for more information on the meaning of these values.
"minimumProtocolVersion" : .gloo.solo.io.SslParameters.ProtocolVersion
"maximumProtocolVersion" : .gloo.solo.io.SslParameters.ProtocolVersion
"cipherSuites" : [] string
"ecdhCurves" : [] string
ProtocolVersion
Name
Description
TLS_AUTO
Envoy will choose the optimal TLS version.
TLSv1_0
TLS 1.0
TLSv1_1
TLS 1.1
TLSv1_2
TLS 1.2
TLSv1_3
TLS 1.3