TLS Inspector Filter (proto)

This extension has the qualified name envoy.filters.listener.tls_inspector

Note

This extension is intended to be robust against untrusted downstream traffic. It assumes that the upstream is trusted.

Tip

This extension extends and can be used with the following extension category:

• envoy.filters.listener

This extension must be configured with one of the following type URLs:

• type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector

Allows detecting whether the transport appears to be TLS or plaintext.

extensions.filters.listener.tls_inspector.v3.TlsInspector

[extensions.filters.listener.tls_inspector.v3.TlsInspector proto]

{
  "enable_ja3_fingerprinting": {...}
}

enable_ja3_fingerprinting

(BoolValue) Populate JA3 fingerprint hash using data from the TLS Client Hello packet. Default is false.