All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.amazonaws.services.appmesh.model.TlsValidationContext Maven / Gradle / Ivy

Go to download

The AWS Java SDK for AWS App Mesh module holds the client classes that are used for communicating with AWS App Mesh Service

The newest version!
/*
 * Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */
package com.amazonaws.services.appmesh.model;

import java.io.Serializable;
import javax.annotation.Generated;
import com.amazonaws.protocol.StructuredPojo;
import com.amazonaws.protocol.ProtocolMarshaller;

/**
 * 

* An object that represents how the proxy will validate its peer during Transport Layer Security (TLS) negotiation. *

* * @see AWS API * Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class TlsValidationContext implements Serializable, Cloneable, StructuredPojo { /** *

* A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you * don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN * on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the * certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. * Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the * service discovery name. *

*/ private SubjectAlternativeNames subjectAlternativeNames; /** *

* A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) * certificate. *

*/ private TlsValidationContextTrust trust; /** *

* A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you * don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN * on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the * certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. * Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the * service discovery name. *

* * @param subjectAlternativeNames * A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. * If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't * verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh * endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint * service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set * the SAN since the name doesn't match the service discovery name. */ public void setSubjectAlternativeNames(SubjectAlternativeNames subjectAlternativeNames) { this.subjectAlternativeNames = subjectAlternativeNames; } /** *

* A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you * don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN * on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the * certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. * Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the * service discovery name. *

* * @return A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation * context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node * doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating * mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh * endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you * must set the SAN since the name doesn't match the service discovery name. */ public SubjectAlternativeNames getSubjectAlternativeNames() { return this.subjectAlternativeNames; } /** *

* A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you * don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN * on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the * certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. * Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the * service discovery name. *

* * @param subjectAlternativeNames * A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. * If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't * verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh * endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint * service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set * the SAN since the name doesn't match the service discovery name. * @return Returns a reference to this object so that method calls can be chained together. */ public TlsValidationContext withSubjectAlternativeNames(SubjectAlternativeNames subjectAlternativeNames) { setSubjectAlternativeNames(subjectAlternativeNames); return this; } /** *

* A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) * certificate. *

* * @param trust * A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) * certificate. */ public void setTrust(TlsValidationContextTrust trust) { this.trust = trust; } /** *

* A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) * certificate. *

* * @return A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) * certificate. */ public TlsValidationContextTrust getTrust() { return this.trust; } /** *

* A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) * certificate. *

* * @param trust * A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) * certificate. * @return Returns a reference to this object so that method calls can be chained together. */ public TlsValidationContext withTrust(TlsValidationContextTrust trust) { setTrust(trust); return this; } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. * * @return A string representation of this object. * * @see java.lang.Object#toString() */ @Override public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getSubjectAlternativeNames() != null) sb.append("SubjectAlternativeNames: ").append(getSubjectAlternativeNames()).append(","); if (getTrust() != null) sb.append("Trust: ").append(getTrust()); sb.append("}"); return sb.toString(); } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (obj instanceof TlsValidationContext == false) return false; TlsValidationContext other = (TlsValidationContext) obj; if (other.getSubjectAlternativeNames() == null ^ this.getSubjectAlternativeNames() == null) return false; if (other.getSubjectAlternativeNames() != null && other.getSubjectAlternativeNames().equals(this.getSubjectAlternativeNames()) == false) return false; if (other.getTrust() == null ^ this.getTrust() == null) return false; if (other.getTrust() != null && other.getTrust().equals(this.getTrust()) == false) return false; return true; } @Override public int hashCode() { final int prime = 31; int hashCode = 1; hashCode = prime * hashCode + ((getSubjectAlternativeNames() == null) ? 0 : getSubjectAlternativeNames().hashCode()); hashCode = prime * hashCode + ((getTrust() == null) ? 0 : getTrust().hashCode()); return hashCode; } @Override public TlsValidationContext clone() { try { return (TlsValidationContext) super.clone(); } catch (CloneNotSupportedException e) { throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e); } } @com.amazonaws.annotation.SdkInternalApi @Override public void marshall(ProtocolMarshaller protocolMarshaller) { com.amazonaws.services.appmesh.model.transform.TlsValidationContextMarshaller.getInstance().marshall(this, protocolMarshaller); } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy