.. _envoy_v3_api_file_envoy/extensions/filters/listener/tls_inspector/v3/tls_inspector.proto:

TLS Inspector Filter (proto)
============================

.. _extension_envoy.filters.listener.tls_inspector:

This extension has the qualified name ``envoy.filters.listener.tls_inspector``


.. note::
  

  This extension is intended to be robust against untrusted downstream traffic. It
  assumes that the upstream is trusted.

.. tip::
  This extension extends and can be used with the following extension category:


  - :ref:`envoy.filters.listener <extension_category_envoy.filters.listener>`



  This extension must be configured with one of the following type URLs:



  - :ref:`type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector <envoy_v3_api_msg_extensions.filters.listener.tls_inspector.v3.TlsInspector>`



Allows detecting whether the transport appears to be TLS or plaintext.




.. _envoy_v3_api_msg_extensions.filters.listener.tls_inspector.v3.TlsInspector:

extensions.filters.listener.tls_inspector.v3.TlsInspector
---------------------------------------------------------


:repo:`[extensions.filters.listener.tls_inspector.v3.TlsInspector proto] <api/envoy/extensions/filters/listener/tls_inspector/v3/tls_inspector.proto#L19>`




.. code-block:: json
  :force:

  {
    "enable_ja3_fingerprinting": {...}
  }

.. _envoy_v3_api_field_extensions.filters.listener.tls_inspector.v3.TlsInspector.enable_ja3_fingerprinting:


enable_ja3_fingerprinting
  (`BoolValue <https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#boolvalue>`_) Populate ``JA3`` fingerprint hash using data from the TLS Client Hello packet. Default is false.