@Generated(value="com.amazonaws:aws-java-sdk-code-generator") public class TlsValidationContext extends Object implements Serializable, Cloneable, StructuredPojo
An object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation.
Constructor and Description |
---|
TlsValidationContext() |
Modifier and Type | Method and Description |
---|---|
TlsValidationContext |
clone() |
boolean |
equals(Object obj) |
SubjectAlternativeNames |
getSubjectAlternativeNames()
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
|
TlsValidationContextTrust |
getTrust()
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS)
certificate.
|
int |
hashCode() |
void |
marshall(ProtocolMarshaller protocolMarshaller)
Marshalls this structured data using the given
ProtocolMarshaller . |
void |
setSubjectAlternativeNames(SubjectAlternativeNames subjectAlternativeNames)
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
|
void |
setTrust(TlsValidationContextTrust trust)
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS)
certificate.
|
String |
toString()
Returns a string representation of this object.
|
TlsValidationContext |
withSubjectAlternativeNames(SubjectAlternativeNames subjectAlternativeNames)
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
|
TlsValidationContext |
withTrust(TlsValidationContextTrust trust)
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS)
certificate.
|
public void setSubjectAlternativeNames(SubjectAlternativeNames subjectAlternativeNames)
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.
subjectAlternativeNames
- A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't
verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh
endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint
service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set
the SAN since the name doesn't match the service discovery name.public SubjectAlternativeNames getSubjectAlternativeNames()
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.
public TlsValidationContext withSubjectAlternativeNames(SubjectAlternativeNames subjectAlternativeNames)
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.
subjectAlternativeNames
- A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context.
If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't
verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh
endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint
service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set
the SAN since the name doesn't match the service discovery name.public void setTrust(TlsValidationContextTrust trust)
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
trust
- A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS)
certificate.public TlsValidationContextTrust getTrust()
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
public TlsValidationContext withTrust(TlsValidationContextTrust trust)
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
trust
- A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS)
certificate.public String toString()
toString
in class Object
Object.toString()
public TlsValidationContext clone()
public void marshall(ProtocolMarshaller protocolMarshaller)
StructuredPojo
ProtocolMarshaller
.marshall
in interface StructuredPojo
protocolMarshaller
- Implementation of ProtocolMarshaller
used to marshall this object's data.