Secrets configuration (proto)

extensions.transport_sockets.tls.v3.GenericSecret

[extensions.transport_sockets.tls.v3.GenericSecret proto]

{
  "secret": {...}
}
secret

(config.core.v3.DataSource) Secret of generic type and is available to filters.

extensions.transport_sockets.tls.v3.SdsSecretConfig

[extensions.transport_sockets.tls.v3.SdsSecretConfig proto]

{
  "name": ...,
  "sds_config": {...}
}
name

(string, REQUIRED) Name by which the secret can be uniquely referred to. When both name and config are specified, then secret can be fetched and/or reloaded via SDS. When only name is specified, then secret will be loaded from static resources.

sds_config

(config.core.v3.ConfigSource)

extensions.transport_sockets.tls.v3.Secret

[extensions.transport_sockets.tls.v3.Secret proto]

{
  "name": ...,
  "tls_certificate": {...},
  "session_ticket_keys": {...},
  "validation_context": {...},
  "generic_secret": {...}
}
name

(string) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to.

tls_certificate

(extensions.transport_sockets.tls.v3.TlsCertificate)

Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.

session_ticket_keys

(extensions.transport_sockets.tls.v3.TlsSessionTicketKeys)

Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.

validation_context

(extensions.transport_sockets.tls.v3.CertificateValidationContext)

Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.

generic_secret

(extensions.transport_sockets.tls.v3.GenericSecret)

Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.