Secrets configuration¶

extensions.transport_sockets.tls.v3.GenericSecret¶

{
  "secret": "{...}"
}

secret: (config.core.v3.DataSource) Secret of generic type and is available to filters.

{
  "name": "...",
  "sds_config": "{...}"
}

name: (string, REQUIRED) Name by which the secret can be uniquely referred to. When both name and config are specified, then secret can be fetched and/or reloaded via SDS. When only name is specified, then secret will be loaded from static resources.

{
  "name": "...",
  "tls_certificate": "{...}",
  "session_ticket_keys": "{...}",
  "validation_context": "{...}",
  "generic_secret": "{...}"
}

name: (string) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to.

tls_certificate

(extensions.transport_sockets.tls.v3.TlsCertificate)

session_ticket_keys

(extensions.transport_sockets.tls.v3.TlsSessionTicketKeys)

validation_context

generic_secret

(extensions.transport_sockets.tls.v3.GenericSecret)