// Generated by the protocol buffer compiler. DO NOT EDIT!
// source: envoy/api/v2/auth/tls.proto
package io.envoyproxy.envoy.api.v2.auth;
public interface DownstreamTlsContextOrBuilder extends
// @@protoc_insertion_point(interface_extends:envoy.api.v2.auth.DownstreamTlsContext)
com.google.protobuf.MessageOrBuilder {
/**
*
* Common TLS context settings.
*
*
* .envoy.api.v2.auth.CommonTlsContext common_tls_context = 1;
* @return Whether the commonTlsContext field is set.
*/
boolean hasCommonTlsContext();
/**
*
* Common TLS context settings.
*
*
* .envoy.api.v2.auth.CommonTlsContext common_tls_context = 1;
* @return The commonTlsContext.
*/
io.envoyproxy.envoy.api.v2.auth.CommonTlsContext getCommonTlsContext();
/**
*
* Common TLS context settings.
*
*
* .envoy.api.v2.auth.CommonTlsContext common_tls_context = 1;
*/
io.envoyproxy.envoy.api.v2.auth.CommonTlsContextOrBuilder getCommonTlsContextOrBuilder();
/**
*
* If specified, Envoy will reject connections without a valid client
* certificate.
*
*
* .google.protobuf.BoolValue require_client_certificate = 2;
* @return Whether the requireClientCertificate field is set.
*/
boolean hasRequireClientCertificate();
/**
*
* If specified, Envoy will reject connections without a valid client
* certificate.
*
*
* .google.protobuf.BoolValue require_client_certificate = 2;
* @return The requireClientCertificate.
*/
com.google.protobuf.BoolValue getRequireClientCertificate();
/**
*
* If specified, Envoy will reject connections without a valid client
* certificate.
*
*
* .google.protobuf.BoolValue require_client_certificate = 2;
*/
com.google.protobuf.BoolValueOrBuilder getRequireClientCertificateOrBuilder();
/**
*
* If specified, Envoy will reject connections without a valid and matching SNI.
* [#not-implemented-hide:]
*
*
* .google.protobuf.BoolValue require_sni = 3;
* @return Whether the requireSni field is set.
*/
boolean hasRequireSni();
/**
*
* If specified, Envoy will reject connections without a valid and matching SNI.
* [#not-implemented-hide:]
*
*
* .google.protobuf.BoolValue require_sni = 3;
* @return The requireSni.
*/
com.google.protobuf.BoolValue getRequireSni();
/**
*
* If specified, Envoy will reject connections without a valid and matching SNI.
* [#not-implemented-hide:]
*
*
* .google.protobuf.BoolValue require_sni = 3;
*/
com.google.protobuf.BoolValueOrBuilder getRequireSniOrBuilder();
/**
*
* TLS session ticket key settings.
*
*
* .envoy.api.v2.auth.TlsSessionTicketKeys session_ticket_keys = 4;
* @return Whether the sessionTicketKeys field is set.
*/
boolean hasSessionTicketKeys();
/**
*
* TLS session ticket key settings.
*
*
* .envoy.api.v2.auth.TlsSessionTicketKeys session_ticket_keys = 4;
* @return The sessionTicketKeys.
*/
io.envoyproxy.envoy.api.v2.auth.TlsSessionTicketKeys getSessionTicketKeys();
/**
*
* TLS session ticket key settings.
*
*
* .envoy.api.v2.auth.TlsSessionTicketKeys session_ticket_keys = 4;
*/
io.envoyproxy.envoy.api.v2.auth.TlsSessionTicketKeysOrBuilder getSessionTicketKeysOrBuilder();
/**
*
* Config for fetching TLS session ticket keys via SDS API.
*
*
* .envoy.api.v2.auth.SdsSecretConfig session_ticket_keys_sds_secret_config = 5;
* @return Whether the sessionTicketKeysSdsSecretConfig field is set.
*/
boolean hasSessionTicketKeysSdsSecretConfig();
/**
*
* Config for fetching TLS session ticket keys via SDS API.
*
*
* .envoy.api.v2.auth.SdsSecretConfig session_ticket_keys_sds_secret_config = 5;
* @return The sessionTicketKeysSdsSecretConfig.
*/
io.envoyproxy.envoy.api.v2.auth.SdsSecretConfig getSessionTicketKeysSdsSecretConfig();
/**
*
* Config for fetching TLS session ticket keys via SDS API.
*
*
* .envoy.api.v2.auth.SdsSecretConfig session_ticket_keys_sds_secret_config = 5;
*/
io.envoyproxy.envoy.api.v2.auth.SdsSecretConfigOrBuilder getSessionTicketKeysSdsSecretConfigOrBuilder();
/**
*
* Config for controlling stateless TLS session resumption: setting this to true will cause the TLS
* server to not issue TLS session tickets for the purposes of stateless TLS session resumption.
* If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using
* the keys specified through either :ref:`session_ticket_keys <envoy_api_field_auth.DownstreamTlsContext.session_ticket_keys>`
* or :ref:`session_ticket_keys_sds_secret_config <envoy_api_field_auth.DownstreamTlsContext.session_ticket_keys_sds_secret_config>`.
* If this config is set to false and no keys are explicitly configured, the TLS server will issue
* TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the
* implication that sessions cannot be resumed across hot restarts or on different hosts.
*
*
* bool disable_stateless_session_resumption = 7;
* @return Whether the disableStatelessSessionResumption field is set.
*/
boolean hasDisableStatelessSessionResumption();
/**
*
* Config for controlling stateless TLS session resumption: setting this to true will cause the TLS
* server to not issue TLS session tickets for the purposes of stateless TLS session resumption.
* If set to false, the TLS server will issue TLS session tickets and encrypt/decrypt them using
* the keys specified through either :ref:`session_ticket_keys <envoy_api_field_auth.DownstreamTlsContext.session_ticket_keys>`
* or :ref:`session_ticket_keys_sds_secret_config <envoy_api_field_auth.DownstreamTlsContext.session_ticket_keys_sds_secret_config>`.
* If this config is set to false and no keys are explicitly configured, the TLS server will issue
* TLS session tickets and encrypt/decrypt them using an internally-generated and managed key, with the
* implication that sessions cannot be resumed across hot restarts or on different hosts.
*
*
* bool disable_stateless_session_resumption = 7;
* @return The disableStatelessSessionResumption.
*/
boolean getDisableStatelessSessionResumption();
/**
*
* If specified, ``session_timeout`` will change the maximum lifetime (in seconds) of the TLS session.
* Currently this value is used as a hint for the `TLS session ticket lifetime (for TLSv1.2) <https://tools.ietf.org/html/rfc5077#section-5.6>`_.
* Only seconds can be specified (fractional seconds are ignored).
*
*
* .google.protobuf.Duration session_timeout = 6 [(.validate.rules) = { ... }
* @return Whether the sessionTimeout field is set.
*/
boolean hasSessionTimeout();
/**
*
* If specified, ``session_timeout`` will change the maximum lifetime (in seconds) of the TLS session.
* Currently this value is used as a hint for the `TLS session ticket lifetime (for TLSv1.2) <https://tools.ietf.org/html/rfc5077#section-5.6>`_.
* Only seconds can be specified (fractional seconds are ignored).
*
*
* .google.protobuf.Duration session_timeout = 6 [(.validate.rules) = { ... }
* @return The sessionTimeout.
*/
com.google.protobuf.Duration getSessionTimeout();
/**
*
* If specified, ``session_timeout`` will change the maximum lifetime (in seconds) of the TLS session.
* Currently this value is used as a hint for the `TLS session ticket lifetime (for TLSv1.2) <https://tools.ietf.org/html/rfc5077#section-5.6>`_.
* Only seconds can be specified (fractional seconds are ignored).
*
*
* .google.protobuf.Duration session_timeout = 6 [(.validate.rules) = { ... }
*/
com.google.protobuf.DurationOrBuilder getSessionTimeoutOrBuilder();
public io.envoyproxy.envoy.api.v2.auth.DownstreamTlsContext.SessionTicketKeysTypeCase getSessionTicketKeysTypeCase();
}
