Package io.envoyproxy.envoy.extensions.transport_sockets.tls.v3

Class CommonTlsContext

java.lang.Object
com.google.protobuf.AbstractMessageLite
com.google.protobuf.AbstractMessage
com.google.protobuf.GeneratedMessage
io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext
All Implemented Interfaces:
com.google.protobuf.Message, com.google.protobuf.MessageLite, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, CommonTlsContextOrBuilder, Serializable
public final class CommonTlsContext extends com.google.protobuf.GeneratedMessage implements CommonTlsContextOrBuilder
 TLS context shared by both client and server TLS contexts.
 [#next-free-field: 16]
Protobuf type envoy.extensions.transport_sockets.tls.v3.CommonTlsContext
See Also:

  • Field Details

    • serialVersionUID

      private static final long serialVersionUID
      See Also:

    • bitField0_

      private int bitField0_

    • validationContextTypeCase_

      private int validationContextTypeCase_

    • validationContextType_

      private Object validationContextType_

    • TLS_PARAMS_FIELD_NUMBER

      public static final int TLS_PARAMS_FIELD_NUMBER
      See Also:

    • tlsParams_

      private TlsParameters tlsParams_

    • TLS_CERTIFICATES_FIELD_NUMBER

      public static final int TLS_CERTIFICATES_FIELD_NUMBER
      See Also:

    • tlsCertificates_

      private List<TlsCertificate> tlsCertificates_

    • TLS_CERTIFICATE_SDS_SECRET_CONFIGS_FIELD_NUMBER

      public static final int TLS_CERTIFICATE_SDS_SECRET_CONFIGS_FIELD_NUMBER
      See Also:

    • tlsCertificateSdsSecretConfigs_

      private List<SdsSecretConfig> tlsCertificateSdsSecretConfigs_

    • TLS_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER

      public static final int TLS_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER
      See Also:

    • tlsCertificateProviderInstance_

      private CertificateProviderPluginInstance tlsCertificateProviderInstance_

    • TLS_CERTIFICATE_CERTIFICATE_PROVIDER_FIELD_NUMBER

      public static final int TLS_CERTIFICATE_CERTIFICATE_PROVIDER_FIELD_NUMBER
      See Also:

    • tlsCertificateCertificateProvider_

      private CommonTlsContext.CertificateProvider tlsCertificateCertificateProvider_

    • TLS_CERTIFICATE_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER

      public static final int TLS_CERTIFICATE_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER
      See Also:

    • tlsCertificateCertificateProviderInstance_

      private CommonTlsContext.CertificateProviderInstance tlsCertificateCertificateProviderInstance_

    • VALIDATION_CONTEXT_FIELD_NUMBER

      public static final int VALIDATION_CONTEXT_FIELD_NUMBER
      See Also:

    • VALIDATION_CONTEXT_SDS_SECRET_CONFIG_FIELD_NUMBER

      public static final int VALIDATION_CONTEXT_SDS_SECRET_CONFIG_FIELD_NUMBER
      See Also:

    • COMBINED_VALIDATION_CONTEXT_FIELD_NUMBER

      public static final int COMBINED_VALIDATION_CONTEXT_FIELD_NUMBER
      See Also:

    • VALIDATION_CONTEXT_CERTIFICATE_PROVIDER_FIELD_NUMBER

      public static final int VALIDATION_CONTEXT_CERTIFICATE_PROVIDER_FIELD_NUMBER
      See Also:

    • VALIDATION_CONTEXT_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER

      public static final int VALIDATION_CONTEXT_CERTIFICATE_PROVIDER_INSTANCE_FIELD_NUMBER
      See Also:

    • ALPN_PROTOCOLS_FIELD_NUMBER

      public static final int ALPN_PROTOCOLS_FIELD_NUMBER
      See Also:

    • alpnProtocols_

      private com.google.protobuf.LazyStringArrayList alpnProtocols_

    • CUSTOM_HANDSHAKER_FIELD_NUMBER

      public static final int CUSTOM_HANDSHAKER_FIELD_NUMBER
      See Also:

    • customHandshaker_

      private TypedExtensionConfig customHandshaker_

    • KEY_LOG_FIELD_NUMBER

      public static final int KEY_LOG_FIELD_NUMBER
      See Also:

    • keyLog_

      private TlsKeyLog keyLog_

    • memoizedIsInitialized

      private byte memoizedIsInitialized

    • DEFAULT_INSTANCE

      private static final CommonTlsContext DEFAULT_INSTANCE

    • PARSER

      private static final com.google.protobuf.Parser<CommonTlsContext> PARSER

  • Constructor Details

    • CommonTlsContext

      private CommonTlsContext(com.google.protobuf.GeneratedMessage.Builder<?> builder)

    • CommonTlsContext

      private CommonTlsContext()

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessage

    • getValidationContextTypeCase

      public CommonTlsContext.ValidationContextTypeCase getValidationContextTypeCase()
      Specified by:
      getValidationContextTypeCase in interface CommonTlsContextOrBuilder

    • hasTlsParams

      public boolean hasTlsParams()
       TLS protocol versions, cipher suites etc.
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters tls_params = 1;
      Specified by:
      hasTlsParams in interface CommonTlsContextOrBuilder
      Returns:
      Whether the tlsParams field is set.

    • getTlsParams

      public TlsParameters getTlsParams()
       TLS protocol versions, cipher suites etc.
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters tls_params = 1;
      Specified by:
      getTlsParams in interface CommonTlsContextOrBuilder
      Returns:
      The tlsParams.

    • getTlsParamsOrBuilder

      public TlsParametersOrBuilder getTlsParamsOrBuilder()
       TLS protocol versions, cipher suites etc.
      .envoy.extensions.transport_sockets.tls.v3.TlsParameters tls_params = 1;
      Specified by:
      getTlsParamsOrBuilder in interface CommonTlsContextOrBuilder

    • getTlsCertificatesList

      public List<TlsCertificate> getTlsCertificatesList()
       Only a single TLS certificate is supported in client contexts. In server contexts,
 :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates and support SNI-based selection.

 If ``tls_certificate_provider_instance`` is set, this field is ignored.
 If this field is set, ``tls_certificate_sds_secret_configs`` is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
      Specified by:
      getTlsCertificatesList in interface CommonTlsContextOrBuilder

    • getTlsCertificatesOrBuilderList

      public List<? extends TlsCertificateOrBuilder> getTlsCertificatesOrBuilderList()
       Only a single TLS certificate is supported in client contexts. In server contexts,
 :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates and support SNI-based selection.

 If ``tls_certificate_provider_instance`` is set, this field is ignored.
 If this field is set, ``tls_certificate_sds_secret_configs`` is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
      Specified by:
      getTlsCertificatesOrBuilderList in interface CommonTlsContextOrBuilder

    • getTlsCertificatesCount

      public int getTlsCertificatesCount()
       Only a single TLS certificate is supported in client contexts. In server contexts,
 :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates and support SNI-based selection.

 If ``tls_certificate_provider_instance`` is set, this field is ignored.
 If this field is set, ``tls_certificate_sds_secret_configs`` is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
      Specified by:
      getTlsCertificatesCount in interface CommonTlsContextOrBuilder

    • getTlsCertificates

      public TlsCertificate getTlsCertificates(int index)
       Only a single TLS certificate is supported in client contexts. In server contexts,
 :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates and support SNI-based selection.

 If ``tls_certificate_provider_instance`` is set, this field is ignored.
 If this field is set, ``tls_certificate_sds_secret_configs`` is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
      Specified by:
      getTlsCertificates in interface CommonTlsContextOrBuilder

    • getTlsCertificatesOrBuilder

      public TlsCertificateOrBuilder getTlsCertificatesOrBuilder(int index)
       Only a single TLS certificate is supported in client contexts. In server contexts,
 :ref:`Multiple TLS certificates <arch_overview_ssl_cert_select>` can be associated with the
 same context to allow both RSA and ECDSA certificates and support SNI-based selection.

 If ``tls_certificate_provider_instance`` is set, this field is ignored.
 If this field is set, ``tls_certificate_sds_secret_configs`` is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.TlsCertificate tls_certificates = 2;
      Specified by:
      getTlsCertificatesOrBuilder in interface CommonTlsContextOrBuilder

    • getTlsCertificateSdsSecretConfigsList

      public List<SdsSecretConfig> getTlsCertificateSdsSecretConfigsList()
       Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.

 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.

 If ``tls_certificates`` or ``tls_certificate_provider_instance`` are set, this field
 is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6;
      Specified by:
      getTlsCertificateSdsSecretConfigsList in interface CommonTlsContextOrBuilder

    • getTlsCertificateSdsSecretConfigsOrBuilderList

      public List<? extends SdsSecretConfigOrBuilder> getTlsCertificateSdsSecretConfigsOrBuilderList()
       Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.

 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.

 If ``tls_certificates`` or ``tls_certificate_provider_instance`` are set, this field
 is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6;
      Specified by:
      getTlsCertificateSdsSecretConfigsOrBuilderList in interface CommonTlsContextOrBuilder

    • getTlsCertificateSdsSecretConfigsCount

      public int getTlsCertificateSdsSecretConfigsCount()
       Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.

 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.

 If ``tls_certificates`` or ``tls_certificate_provider_instance`` are set, this field
 is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6;
      Specified by:
      getTlsCertificateSdsSecretConfigsCount in interface CommonTlsContextOrBuilder

    • getTlsCertificateSdsSecretConfigs

      public SdsSecretConfig getTlsCertificateSdsSecretConfigs(int index)
       Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.

 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.

 If ``tls_certificates`` or ``tls_certificate_provider_instance`` are set, this field
 is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6;
      Specified by:
      getTlsCertificateSdsSecretConfigs in interface CommonTlsContextOrBuilder

    • getTlsCertificateSdsSecretConfigsOrBuilder

      public SdsSecretConfigOrBuilder getTlsCertificateSdsSecretConfigsOrBuilder(int index)
       Configs for fetching TLS certificates via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.

 The same number and types of certificates as :ref:`tls_certificates <envoy_v3_api_field_extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificates>`
 are valid in the the certificates fetched through this setting.

 If ``tls_certificates`` or ``tls_certificate_provider_instance`` are set, this field
 is ignored.
      repeated .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig tls_certificate_sds_secret_configs = 6;
      Specified by:
      getTlsCertificateSdsSecretConfigsOrBuilder in interface CommonTlsContextOrBuilder

    • hasTlsCertificateProviderInstance

      public boolean hasTlsCertificateProviderInstance()
       Certificate provider instance for fetching TLS certs.

 If this field is set, ``tls_certificates`` and ``tls_certificate_provider_instance``
 are ignored.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance tls_certificate_provider_instance = 14;
      Specified by:
      hasTlsCertificateProviderInstance in interface CommonTlsContextOrBuilder
      Returns:
      Whether the tlsCertificateProviderInstance field is set.

    • getTlsCertificateProviderInstance

      public CertificateProviderPluginInstance getTlsCertificateProviderInstance()
       Certificate provider instance for fetching TLS certs.

 If this field is set, ``tls_certificates`` and ``tls_certificate_provider_instance``
 are ignored.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance tls_certificate_provider_instance = 14;
      Specified by:
      getTlsCertificateProviderInstance in interface CommonTlsContextOrBuilder
      Returns:
      The tlsCertificateProviderInstance.

    • getTlsCertificateProviderInstanceOrBuilder

      public CertificateProviderPluginInstanceOrBuilder getTlsCertificateProviderInstanceOrBuilder()
       Certificate provider instance for fetching TLS certs.

 If this field is set, ``tls_certificates`` and ``tls_certificate_provider_instance``
 are ignored.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CertificateProviderPluginInstance tls_certificate_provider_instance = 14;
      Specified by:
      getTlsCertificateProviderInstanceOrBuilder in interface CommonTlsContextOrBuilder

    • hasTlsCertificateCertificateProvider

      @Deprecated public boolean hasTlsCertificateCertificateProvider()
      Deprecated.
      envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=273
       Certificate provider for fetching TLS certificates.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider tls_certificate_certificate_provider = 9 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      hasTlsCertificateCertificateProvider in interface CommonTlsContextOrBuilder
      Returns:
      Whether the tlsCertificateCertificateProvider field is set.

    • getTlsCertificateCertificateProvider

      @Deprecated public CommonTlsContext.CertificateProvider getTlsCertificateCertificateProvider()
      Deprecated.
      envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=273
       Certificate provider for fetching TLS certificates.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider tls_certificate_certificate_provider = 9 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      getTlsCertificateCertificateProvider in interface CommonTlsContextOrBuilder
      Returns:
      The tlsCertificateCertificateProvider.

    • getTlsCertificateCertificateProviderOrBuilder

      @Deprecated public CommonTlsContext.CertificateProviderOrBuilder getTlsCertificateCertificateProviderOrBuilder()
      Deprecated.
       Certificate provider for fetching TLS certificates.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider tls_certificate_certificate_provider = 9 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      getTlsCertificateCertificateProviderOrBuilder in interface CommonTlsContextOrBuilder

    • hasTlsCertificateCertificateProviderInstance

      @Deprecated public boolean hasTlsCertificateCertificateProviderInstance()
      Deprecated.
      envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider_instance is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=278
       Certificate provider instance for fetching TLS certificates.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance tls_certificate_certificate_provider_instance = 11 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      hasTlsCertificateCertificateProviderInstance in interface CommonTlsContextOrBuilder
      Returns:
      Whether the tlsCertificateCertificateProviderInstance field is set.

    • getTlsCertificateCertificateProviderInstance

      @Deprecated public CommonTlsContext.CertificateProviderInstance getTlsCertificateCertificateProviderInstance()
      Deprecated.
      envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.tls_certificate_certificate_provider_instance is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=278
       Certificate provider instance for fetching TLS certificates.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance tls_certificate_certificate_provider_instance = 11 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      getTlsCertificateCertificateProviderInstance in interface CommonTlsContextOrBuilder
      Returns:
      The tlsCertificateCertificateProviderInstance.

    • getTlsCertificateCertificateProviderInstanceOrBuilder

      @Deprecated public CommonTlsContext.CertificateProviderInstanceOrBuilder getTlsCertificateCertificateProviderInstanceOrBuilder()
      Deprecated.
       Certificate provider instance for fetching TLS certificates.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance tls_certificate_certificate_provider_instance = 11 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      getTlsCertificateCertificateProviderInstanceOrBuilder in interface CommonTlsContextOrBuilder

    • hasValidationContext

      public boolean hasValidationContext()
       How to validate peer certificates.
      .envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext validation_context = 3;
      Specified by:
      hasValidationContext in interface CommonTlsContextOrBuilder
      Returns:
      Whether the validationContext field is set.

    • getValidationContext

      public CertificateValidationContext getValidationContext()
       How to validate peer certificates.
      .envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext validation_context = 3;
      Specified by:
      getValidationContext in interface CommonTlsContextOrBuilder
      Returns:
      The validationContext.

    • getValidationContextOrBuilder

      public CertificateValidationContextOrBuilder getValidationContextOrBuilder()
       How to validate peer certificates.
      .envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext validation_context = 3;
      Specified by:
      getValidationContextOrBuilder in interface CommonTlsContextOrBuilder

    • hasValidationContextSdsSecretConfig

      public boolean hasValidationContextSdsSecretConfig()
       Config for fetching validation context via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
      .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig validation_context_sds_secret_config = 7;
      Specified by:
      hasValidationContextSdsSecretConfig in interface CommonTlsContextOrBuilder
      Returns:
      Whether the validationContextSdsSecretConfig field is set.

    • getValidationContextSdsSecretConfig

      public SdsSecretConfig getValidationContextSdsSecretConfig()
       Config for fetching validation context via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
      .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig validation_context_sds_secret_config = 7;
      Specified by:
      getValidationContextSdsSecretConfig in interface CommonTlsContextOrBuilder
      Returns:
      The validationContextSdsSecretConfig.

    • getValidationContextSdsSecretConfigOrBuilder

      public SdsSecretConfigOrBuilder getValidationContextSdsSecretConfigOrBuilder()
       Config for fetching validation context via SDS API. Note SDS API allows certificates to be
 fetched/refreshed over the network asynchronously with respect to the TLS handshake.
      .envoy.extensions.transport_sockets.tls.v3.SdsSecretConfig validation_context_sds_secret_config = 7;
      Specified by:
      getValidationContextSdsSecretConfigOrBuilder in interface CommonTlsContextOrBuilder

    • hasCombinedValidationContext

      public boolean hasCombinedValidationContext()
       Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;
      Specified by:
      hasCombinedValidationContext in interface CommonTlsContextOrBuilder
      Returns:
      Whether the combinedValidationContext field is set.

    • getCombinedValidationContext

      public CommonTlsContext.CombinedCertificateValidationContext getCombinedValidationContext()
       Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;
      Specified by:
      getCombinedValidationContext in interface CommonTlsContextOrBuilder
      Returns:
      The combinedValidationContext.

    • getCombinedValidationContextOrBuilder

      public CommonTlsContext.CombinedCertificateValidationContextOrBuilder getCombinedValidationContextOrBuilder()
       Combined certificate validation context holds a default CertificateValidationContext
 and SDS config. When SDS server returns dynamic CertificateValidationContext, both dynamic
 and default CertificateValidationContext are merged into a new CertificateValidationContext
 for validation. This merge is done by Message::MergeFrom(), so dynamic
 CertificateValidationContext overwrites singular fields in default
 CertificateValidationContext, and concatenates repeated fields to default
 CertificateValidationContext, and logical OR is applied to boolean fields.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext combined_validation_context = 8;
      Specified by:
      getCombinedValidationContextOrBuilder in interface CommonTlsContextOrBuilder

    • hasValidationContextCertificateProvider

      @Deprecated public boolean hasValidationContextCertificateProvider()
      Deprecated.
      envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=300
       Certificate provider for fetching validation context.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider validation_context_certificate_provider = 10 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      hasValidationContextCertificateProvider in interface CommonTlsContextOrBuilder
      Returns:
      Whether the validationContextCertificateProvider field is set.

    • getValidationContextCertificateProvider

      @Deprecated public CommonTlsContext.CertificateProvider getValidationContextCertificateProvider()
      Deprecated.
      envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=300
       Certificate provider for fetching validation context.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider validation_context_certificate_provider = 10 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      getValidationContextCertificateProvider in interface CommonTlsContextOrBuilder
      Returns:
      The validationContextCertificateProvider.

    • getValidationContextCertificateProviderOrBuilder

      @Deprecated public CommonTlsContext.CertificateProviderOrBuilder getValidationContextCertificateProviderOrBuilder()
      Deprecated.
       Certificate provider for fetching validation context.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProvider validation_context_certificate_provider = 10 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      getValidationContextCertificateProviderOrBuilder in interface CommonTlsContextOrBuilder

    • hasValidationContextCertificateProviderInstance

      @Deprecated public boolean hasValidationContextCertificateProviderInstance()
      Deprecated.
      envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider_instance is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=305
       Certificate provider instance for fetching validation context.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance validation_context_certificate_provider_instance = 12 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      hasValidationContextCertificateProviderInstance in interface CommonTlsContextOrBuilder
      Returns:
      Whether the validationContextCertificateProviderInstance field is set.

    • getValidationContextCertificateProviderInstance

      @Deprecated public CommonTlsContext.CertificateProviderInstance getValidationContextCertificateProviderInstance()
      Deprecated.
      envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.validation_context_certificate_provider_instance is deprecated. See envoy/extensions/transport_sockets/tls/v3/tls.proto;l=305
       Certificate provider instance for fetching validation context.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance validation_context_certificate_provider_instance = 12 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      getValidationContextCertificateProviderInstance in interface CommonTlsContextOrBuilder
      Returns:
      The validationContextCertificateProviderInstance.

    • getValidationContextCertificateProviderInstanceOrBuilder

      @Deprecated public CommonTlsContext.CertificateProviderInstanceOrBuilder getValidationContextCertificateProviderInstanceOrBuilder()
      Deprecated.
       Certificate provider instance for fetching validation context.
 [#not-implemented-hide:]
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance validation_context_certificate_provider_instance = 12 [deprecated = true, (.envoy.annotations.deprecated_at_minor_version) = "3.0"];
      Specified by:
      getValidationContextCertificateProviderInstanceOrBuilder in interface CommonTlsContextOrBuilder

    • getAlpnProtocolsList

      public com.google.protobuf.ProtocolStringList getAlpnProtocolsList()
       Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):

 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.

 There is no default for this parameter. If empty, Envoy will not expose ALPN.
      repeated string alpn_protocols = 4;
      Specified by:
      getAlpnProtocolsList in interface CommonTlsContextOrBuilder
      Returns:
      A list containing the alpnProtocols.

    • getAlpnProtocolsCount

      public int getAlpnProtocolsCount()
       Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):

 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.

 There is no default for this parameter. If empty, Envoy will not expose ALPN.
      repeated string alpn_protocols = 4;
      Specified by:
      getAlpnProtocolsCount in interface CommonTlsContextOrBuilder
      Returns:
      The count of alpnProtocols.

    • getAlpnProtocols

      public String getAlpnProtocols(int index)
       Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):

 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.

 There is no default for this parameter. If empty, Envoy will not expose ALPN.
      repeated string alpn_protocols = 4;
      Specified by:
      getAlpnProtocols in interface CommonTlsContextOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The alpnProtocols at the given index.

    • getAlpnProtocolsBytes

      public com.google.protobuf.ByteString getAlpnProtocolsBytes(int index)
       Supplies the list of ALPN protocols that the listener should expose. In
 practice this is likely to be set to one of two values (see the
 :ref:`codec_type
 <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.codec_type>`
 parameter in the HTTP connection manager for more information):

 * "h2,http/1.1" If the listener is going to support both HTTP/2 and HTTP/1.1.
 * "http/1.1" If the listener is only going to support HTTP/1.1.

 There is no default for this parameter. If empty, Envoy will not expose ALPN.
      repeated string alpn_protocols = 4;
      Specified by:
      getAlpnProtocolsBytes in interface CommonTlsContextOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the alpnProtocols at the given index.

    • hasCustomHandshaker

      public boolean hasCustomHandshaker()
       Custom TLS handshaker. If empty, defaults to native TLS handshaking
 behavior.
      .envoy.config.core.v3.TypedExtensionConfig custom_handshaker = 13;
      Specified by:
      hasCustomHandshaker in interface CommonTlsContextOrBuilder
      Returns:
      Whether the customHandshaker field is set.

    • getCustomHandshaker

      public TypedExtensionConfig getCustomHandshaker()
       Custom TLS handshaker. If empty, defaults to native TLS handshaking
 behavior.
      .envoy.config.core.v3.TypedExtensionConfig custom_handshaker = 13;
      Specified by:
      getCustomHandshaker in interface CommonTlsContextOrBuilder
      Returns:
      The customHandshaker.

    • getCustomHandshakerOrBuilder

      public TypedExtensionConfigOrBuilder getCustomHandshakerOrBuilder()
       Custom TLS handshaker. If empty, defaults to native TLS handshaking
 behavior.
      .envoy.config.core.v3.TypedExtensionConfig custom_handshaker = 13;
      Specified by:
      getCustomHandshakerOrBuilder in interface CommonTlsContextOrBuilder

    • hasKeyLog

      public boolean hasKeyLog()
       TLS key log configuration
      .envoy.extensions.transport_sockets.tls.v3.TlsKeyLog key_log = 15;
      Specified by:
      hasKeyLog in interface CommonTlsContextOrBuilder
      Returns:
      Whether the keyLog field is set.

    • getKeyLog

      public TlsKeyLog getKeyLog()
       TLS key log configuration
      .envoy.extensions.transport_sockets.tls.v3.TlsKeyLog key_log = 15;
      Specified by:
      getKeyLog in interface CommonTlsContextOrBuilder
      Returns:
      The keyLog.

    • getKeyLogOrBuilder

      public TlsKeyLogOrBuilder getKeyLogOrBuilder()
       TLS key log configuration
      .envoy.extensions.transport_sockets.tls.v3.TlsKeyLog key_log = 15;
      Specified by:
      getKeyLogOrBuilder in interface CommonTlsContextOrBuilder

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessage

    • writeTo

      public void writeTo(com.google.protobuf.CodedOutputStream output) throws IOException
      Specified by:
      writeTo in interface com.google.protobuf.MessageLite
      Overrides:
      writeTo in class com.google.protobuf.GeneratedMessage
      Throws:
      IOException

    • getSerializedSize

      public int getSerializedSize()
      Specified by:
      getSerializedSize in interface com.google.protobuf.MessageLite
      Overrides:
      getSerializedSize in class com.google.protobuf.GeneratedMessage

    • equals

      public boolean equals(Object obj)
      Specified by:
      equals in interface com.google.protobuf.Message
      Overrides:
      equals in class com.google.protobuf.AbstractMessage

    • hashCode

      public int hashCode()
      Specified by:
      hashCode in interface com.google.protobuf.Message
      Overrides:
      hashCode in class com.google.protobuf.AbstractMessage

    • parseFrom

      public static CommonTlsContext parseFrom(ByteBuffer data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static CommonTlsContext parseFrom(ByteBuffer data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static CommonTlsContext parseFrom(com.google.protobuf.ByteString data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static CommonTlsContext parseFrom(com.google.protobuf.ByteString data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static CommonTlsContext parseFrom(byte[] data) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static CommonTlsContext parseFrom(byte[] data, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws com.google.protobuf.InvalidProtocolBufferException
      Throws:
      com.google.protobuf.InvalidProtocolBufferException

    • parseFrom

      public static CommonTlsContext parseFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static CommonTlsContext parseFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static CommonTlsContext parseDelimitedFrom(InputStream input) throws IOException
      Throws:
      IOException

    • parseDelimitedFrom

      public static CommonTlsContext parseDelimitedFrom(InputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • parseFrom

      public static CommonTlsContext parseFrom(com.google.protobuf.CodedInputStream input) throws IOException
      Throws:
      IOException

    • parseFrom

      public static CommonTlsContext parseFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Throws:
      IOException

    • newBuilderForType

      public CommonTlsContext.Builder newBuilderForType()
      Specified by:
      newBuilderForType in interface com.google.protobuf.Message
      Specified by:
      newBuilderForType in interface com.google.protobuf.MessageLite

    • newBuilder

      public static CommonTlsContext.Builder newBuilder()

    • newBuilder

      public static CommonTlsContext.Builder newBuilder(CommonTlsContext prototype)

    • toBuilder

      public CommonTlsContext.Builder toBuilder()
      Specified by:
      toBuilder in interface com.google.protobuf.Message
      Specified by:
      toBuilder in interface com.google.protobuf.MessageLite

    • newBuilderForType

      protected CommonTlsContext.Builder newBuilderForType(com.google.protobuf.AbstractMessage.BuilderParent parent)
      Overrides:
      newBuilderForType in class com.google.protobuf.AbstractMessage

    • getDefaultInstance

      public static CommonTlsContext getDefaultInstance()

    • parser

      public static com.google.protobuf.Parser<CommonTlsContext> parser()

    • getParserForType

      public com.google.protobuf.Parser<CommonTlsContext> getParserForType()
      Specified by:
      getParserForType in interface com.google.protobuf.Message
      Specified by:
      getParserForType in interface com.google.protobuf.MessageLite
      Overrides:
      getParserForType in class com.google.protobuf.GeneratedMessage

    • getDefaultInstanceForType

      public CommonTlsContext getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder