Home

envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext

Example

Disclaimer: The example is meant to show what methods are available on the object and does not necessarily constitute working code. 
local types = import 'types.libsonnet';

types.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext
.withAllowExpiredCertificate(false)
.withCaCertificateProviderInstance(types.envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance)
.withCrl(types.envoy.config.core.v3.DataSource)
.withCustomValidatorConfig(types.envoy.config.core.v3.TypedExtensionConfig)
.withMatchSubjectAltNames([ types.envoy.type.matcher.v3.StringMatcher ])
.withMatchTypedSubjectAltNames([ types.envoy.extensions.transport_sockets.tls.v3.SubjectAltNameMatcher ])
.withMaxVerifyDepth(1)
.withOnlyVerifyLeafCertCrl(false)
.withRequireSignedCertificateTimestamp(false)
.withTrustChainVerification(types.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.TrustChainVerification.VERIFY_TRUST_CHAIN)
.withTrustedCa(types.envoy.config.core.v3.DataSource)
.withVerifyCertificateHash([ 'string' ])
.withVerifyCertificateSpki([ 'string' ])
.withWatchedDirectory(types.envoy.config.core.v3.WatchedDirectory)
._validate()

Nested Enums

Fields

Name Type One-of group Required Constraints
allow_expired_certificate bool  
ca_certificate_provider_instance envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance  
crl envoy.config.core.v3.DataSource  
custom_validator_config envoy.config.core.v3.TypedExtensionConfig  
match_subject_alt_names [] envoy.type.matcher.v3.StringMatcher  
match_typed_subject_alt_names [] envoy.extensions.transport_sockets.tls.v3.SubjectAltNameMatcher  
max_verify_depth google.protobuf.UInt32Value   {"Uint32":{"lte":100}}
only_verify_leaf_cert_crl bool  
require_signed_certificate_timestamp google.protobuf.BoolValue  
trust_chain_verification envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext.TrustChainVerification   {"Enum":{"defined_only":true}}
trusted_ca envoy.config.core.v3.DataSource  
verify_certificate_hash [] string   {"Repeated":{"items":{"Type":{"String_":{"WellKnown":null,"max_bytes":95,"min_len":64}}}}}
verify_certificate_spki [] string   {"Repeated":{"items":{"Type":{"String_":{"WellKnown":null,"max_bytes":44,"min_len":44}}}}}
watched_directory envoy.config.core.v3.WatchedDirectory