Secrets configuration (proto)

extensions.transport_sockets.tls.v3.GenericSecret

{
  "secret": {...}
}

secret: (config.core.v3.DataSource) Secret of generic type and is available to filters.

{
  "name": ...,
  "sds_config": {...}
}

name: (string, REQUIRED) Name by which the secret can be uniquely referred to. When both name and config are specified, then secret can be fetched and/or reloaded via SDS. When only name is specified, then secret will be loaded from static resources.

{
  "name": ...,
  "tls_certificate": {...},
  "session_ticket_keys": {...},
  "validation_context": {...},
  "generic_secret": {...}
}

name: (string) Name (FQDN, UUID, SPKI, SHA256, etc.) by which the secret can be uniquely referred to.

tls_certificate

(extensions.transport_sockets.tls.v3.TlsCertificate)

session_ticket_keys

(extensions.transport_sockets.tls.v3.TlsSessionTicketKeys)

validation_context

generic_secret

(extensions.transport_sockets.tls.v3.GenericSecret)