|
|
|
syntax = "proto3";
|
|
|
|
|
|
|
|
package envoy.admin.v3;
|
|
|
|
|
|
|
|
import "google/protobuf/timestamp.proto";
|
|
|
|
|
|
|
|
import "udpa/annotations/status.proto";
|
|
|
|
import "udpa/annotations/versioning.proto";
|
|
|
|
|
|
|
|
option java_package = "io.envoyproxy.envoy.admin.v3";
|
|
|
|
option java_outer_classname = "CertsProto";
|
|
|
|
option java_multiple_files = true;
|
|
|
|
option go_package = "github.com/envoyproxy/go-control-plane/envoy/admin/v3;adminv3";
|
|
|
|
option (udpa.annotations.file_status).package_version_status = ACTIVE;
|
|
|
|
|
|
|
|
// [#protodoc-title: Certificates]
|
|
|
|
|
|
|
|
// Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to
|
|
|
|
// display certificate information. See :ref:`/certs <operations_admin_interface_certs>` for more
|
|
|
|
// information.
|
|
|
|
message Certificates {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Certificates";
|
|
|
|
|
|
|
|
// List of certificates known to an Envoy.
|
|
|
|
repeated Certificate certificates = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
message Certificate {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Certificate";
|
|
|
|
|
|
|
|
// Details of CA certificate.
|
|
|
|
repeated CertificateDetails ca_cert = 1;
|
|
|
|
|
|
|
|
// Details of Certificate Chain
|
|
|
|
repeated CertificateDetails cert_chain = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
// [#next-free-field: 8]
|
|
|
|
message CertificateDetails {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type =
|
|
|
|
"envoy.admin.v2alpha.CertificateDetails";
|
|
|
|
|
|
|
|
message OcspDetails {
|
|
|
|
// Indicates the time from which the OCSP response is valid.
|
|
|
|
google.protobuf.Timestamp valid_from = 1;
|
|
|
|
|
|
|
|
// Indicates the time at which the OCSP response expires.
|
|
|
|
google.protobuf.Timestamp expiration = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Path of the certificate.
|
|
|
|
string path = 1;
|
|
|
|
|
|
|
|
// Certificate Serial Number.
|
|
|
|
string serial_number = 2;
|
|
|
|
|
|
|
|
// List of Subject Alternate names.
|
|
|
|
repeated SubjectAlternateName subject_alt_names = 3;
|
|
|
|
|
|
|
|
// Minimum of days until expiration of certificate and it's chain.
|
|
|
|
uint64 days_until_expiration = 4;
|
|
|
|
|
|
|
|
// Indicates the time from which the certificate is valid.
|
|
|
|
google.protobuf.Timestamp valid_from = 5;
|
|
|
|
|
|
|
|
// Indicates the time at which the certificate expires.
|
|
|
|
google.protobuf.Timestamp expiration_time = 6;
|
|
|
|
|
|
|
|
// Details related to the OCSP response associated with this certificate, if any.
|
|
|
|
OcspDetails ocsp_details = 7;
|
|
|
|
}
|
|
|
|
|
|
|
|
message SubjectAlternateName {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type =
|
|
|
|
"envoy.admin.v2alpha.SubjectAlternateName";
|
|
|
|
|
|
|
|
// Subject Alternate Name.
|
|
|
|
oneof name {
|
|
|
|
string dns = 1;
|
|
|
|
|
|
|
|
string uri = 2;
|
|
|
|
|
|
|
|
string ip_address = 3;
|
|
|
|
}
|
|
|
|
}
|