tls: support dual ECDSA/RSA certs via SDS (#16605)

Risk Level: Low
Testing: Added integration test; possibly need more unit tests
Docs Changes: Documented in protos
Release Notes: Added

Signed-off-by: Greg Greenway <ggreenway@apple.com>

Mirrored from https://github.com/envoyproxy/envoy @ 7d4b2cae486b66b62ba0d3e1e348504699bea1bf
pull/624/head
data-plane-api(Azure Pipelines) 4 years ago
parent 9986c01e7c
commit dcfddb3c94
  1. 8
      envoy/extensions/transport_sockets/tls/v3/tls.proto
  2. 8
      envoy/extensions/transport_sockets/tls/v4alpha/tls.proto

@ -216,8 +216,14 @@ message CommonTlsContext {
// Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
// fetched/refreshed over the network asynchronously with respect to the TLS handshake.
//
// The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
// are valid in the the certificates fetched through this setting.
//
// If :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
// is non-empty, this field is ignored.
repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6
[(validate.rules).repeated = {max_items: 1}];
[(validate.rules).repeated = {max_items: 2}];
// Certificate provider for fetching TLS certificates.
// [#not-implemented-hide:]
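Review bot: The new comment on `tls_certificate_sds_secret_configs` contains a doubled word ("valid in the the certificates") and leaves the dual-certificate contract implicit. `max_items: 2` only bounds the number of configs; going by the commit title, the two secrets are meant to be one RSA and one ECDSA certificate, which proto validation cannot check and which is presumably enforced only once the secrets arrive. I would say so in the field comment, e.g. `// At most two configs are accepted, intended for one RSA and one ECDSA certificate.`, and add a sentence on what the context serves while only one of the two asynchronously fetched secrets has been delivered. It is also worth flagging in the comment that a non-empty `tls_certificates` silently overrides SDS, since an operator relying on SDS rotation could keep serving a static certificate without noticing. The same wording appears in the v4alpha hunk, and the enclosing `CommonTlsContext` message starts and ends outside the hunk.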

@ -221,8 +221,14 @@ message CommonTlsContext {
// Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
// fetched/refreshed over the network asynchronously with respect to the TLS handshake.
//
// The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
// are valid in the the certificates fetched through this setting.
//
// If :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
// is non-empty, this field is ignored.
repeated SdsSecretConfig tls_certificate_sds_secret_configs = 6
[(validate.rules).repeated = {max_items: 1}];
[(validate.rules).repeated = {max_items: 2}];
// Certificate provider for fetching TLS certificates.
// [#not-implemented-hide:]
