Secrets configuration

extensions.transport_sockets.tls.v3.GenericSecret

[extensions.transport_sockets.tls.v3.GenericSecret proto]

{
  "secret": "{...}"
}
secret

(config.core.v3.DataSource) Secret of generic type and is available to filters.

extensions.transport_sockets.tls.v3.SdsSecretConfig

[extensions.transport_sockets.tls.v3.SdsSecretConfig proto]

{
  "name": "...",
  "sds_config": "{...}"
}
name

(string, REQUIRED) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to. When both name and config are specified, then secret can be fetched and/or reloaded via SDS. When only name is specified, then secret will be loaded from static resources.

sds_config

(config.core.v3.ConfigSource)

extensions.transport_sockets.tls.v3.Secret

[extensions.transport_sockets.tls.v3.Secret proto]

{
  "name": "...",
  "tls_certificate": "{...}",
  "session_ticket_keys": "{...}",
  "validation_context": "{...}",
  "generic_secret": "{...}"
}
name

(string) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to.

tls_certificate

(extensions.transport_sockets.tls.v3.TlsCertificate)

Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.

session_ticket_keys

(extensions.transport_sockets.tls.v3.TlsSessionTicketKeys)

Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.

validation_context

(extensions.transport_sockets.tls.v3.CertificateValidationContext)

Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.

generic_secret

(extensions.transport_sockets.tls.v3.GenericSecret)

Only one of tls_certificate, session_ticket_keys, validation_context, generic_secret may be set.