Class UpstreamTlsContext.Builder

java.lang.Object
com.google.protobuf.AbstractMessageLite.Builder
com.google.protobuf.AbstractMessage.Builder<UpstreamTlsContext.Builder>
com.google.protobuf.GeneratedMessage.Builder<UpstreamTlsContext.Builder>
io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext.Builder
All Implemented Interfaces:
com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, UpstreamTlsContextOrBuilder, Cloneable
Enclosing class:
UpstreamTlsContext
public static final class UpstreamTlsContext.Builder extends com.google.protobuf.GeneratedMessage.Builder<UpstreamTlsContext.Builder> implements UpstreamTlsContextOrBuilder
[#next-free-field: 6]
Protobuf type envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext

  • Method Summary

    Modifier and Type
    Method
    Description
    UpstreamTlsContext
    build()
     
    UpstreamTlsContext
    buildPartial()
     
    UpstreamTlsContext.Builder
    clear()
     
    UpstreamTlsContext.Builder
    clearAllowRenegotiation()
    If true, server-initiated TLS renegotiation will be allowed. .. attention:: TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
    UpstreamTlsContext.Builder
    clearCommonTlsContext()
    Common TLS context settings. .. attention:: Server certificate verification is not enabled by default.
    UpstreamTlsContext.Builder
    clearEnforceRsaKeyUsage()
    This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.
    UpstreamTlsContext.Builder
    clearMaxSessionKeys()
    Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.
    UpstreamTlsContext.Builder
    clearSni()
    SNI string to use when creating TLS backend connections.
    boolean
    getAllowRenegotiation()
    If true, server-initiated TLS renegotiation will be allowed. .. attention:: TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
    CommonTlsContext
    getCommonTlsContext()
    Common TLS context settings. .. attention:: Server certificate verification is not enabled by default.
    CommonTlsContext.Builder
    getCommonTlsContextBuilder()
    Common TLS context settings. .. attention:: Server certificate verification is not enabled by default.
    CommonTlsContextOrBuilder
    getCommonTlsContextOrBuilder()
    Common TLS context settings. .. attention:: Server certificate verification is not enabled by default.
    UpstreamTlsContext
    getDefaultInstanceForType()
     
    static final com.google.protobuf.Descriptors.Descriptor
    getDescriptor()
     
    com.google.protobuf.Descriptors.Descriptor
    getDescriptorForType()
     
    com.google.protobuf.BoolValue
    getEnforceRsaKeyUsage()
    This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.
    com.google.protobuf.BoolValue.Builder
    getEnforceRsaKeyUsageBuilder()
    This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.
    com.google.protobuf.BoolValueOrBuilder
    getEnforceRsaKeyUsageOrBuilder()
    This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.
    com.google.protobuf.UInt32Value
    getMaxSessionKeys()
    Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.
    com.google.protobuf.UInt32Value.Builder
    getMaxSessionKeysBuilder()
    Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.
    com.google.protobuf.UInt32ValueOrBuilder
    getMaxSessionKeysOrBuilder()
    Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.
    String
    getSni()
    SNI string to use when creating TLS backend connections.
    com.google.protobuf.ByteString
    getSniBytes()
    SNI string to use when creating TLS backend connections.
    boolean
    hasCommonTlsContext()
    Common TLS context settings. .. attention:: Server certificate verification is not enabled by default.
    boolean
    hasEnforceRsaKeyUsage()
    This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.
    boolean
    hasMaxSessionKeys()
    Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.
    protected com.google.protobuf.GeneratedMessage.FieldAccessorTable
    internalGetFieldAccessorTable()
     
    final boolean
    isInitialized()
     
    UpstreamTlsContext.Builder
    mergeCommonTlsContext(CommonTlsContext value)
    Common TLS context settings. .. attention:: Server certificate verification is not enabled by default.
    UpstreamTlsContext.Builder
    mergeEnforceRsaKeyUsage(com.google.protobuf.BoolValue value)
    This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.
    UpstreamTlsContext.Builder
    mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
     
    UpstreamTlsContext.Builder
    mergeFrom(com.google.protobuf.Message other)
     
    UpstreamTlsContext.Builder
    mergeFrom(UpstreamTlsContext other)
     
    UpstreamTlsContext.Builder
    mergeMaxSessionKeys(com.google.protobuf.UInt32Value value)
    Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.
    UpstreamTlsContext.Builder
    setAllowRenegotiation(boolean value)
    If true, server-initiated TLS renegotiation will be allowed. .. attention:: TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
    UpstreamTlsContext.Builder
    setCommonTlsContext(CommonTlsContext value)
    Common TLS context settings. .. attention:: Server certificate verification is not enabled by default.
    UpstreamTlsContext.Builder
    setCommonTlsContext(CommonTlsContext.Builder builderForValue)
    Common TLS context settings. .. attention:: Server certificate verification is not enabled by default.
    UpstreamTlsContext.Builder
    setEnforceRsaKeyUsage(com.google.protobuf.BoolValue value)
    This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.
    UpstreamTlsContext.Builder
    setEnforceRsaKeyUsage(com.google.protobuf.BoolValue.Builder builderForValue)
    This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension is present and incompatible with the TLS usage.
    UpstreamTlsContext.Builder
    setMaxSessionKeys(com.google.protobuf.UInt32Value value)
    Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.
    UpstreamTlsContext.Builder
    setMaxSessionKeys(com.google.protobuf.UInt32Value.Builder builderForValue)
    Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets for TLSv1.2 and older) to store for the purpose of session resumption.
    UpstreamTlsContext.Builder
    setSni(String value)
    SNI string to use when creating TLS backend connections.
    UpstreamTlsContext.Builder
    setSniBytes(com.google.protobuf.ByteString value)
    SNI string to use when creating TLS backend connections.

    Methods inherited from class com.google.protobuf.GeneratedMessage.Builder

    addRepeatedField, clearField, clearOneof, clone, getAllFields, getField, getFieldBuilder, getOneofFieldDescriptor, getParentForChildren, getRepeatedField, getRepeatedFieldBuilder, getRepeatedFieldCount, getUnknownFields, getUnknownFieldSetBuilder, hasField, hasOneof, internalGetMapField, internalGetMapFieldReflection, internalGetMutableMapField, internalGetMutableMapFieldReflection, isClean, markClean, mergeUnknownFields, mergeUnknownLengthDelimitedField, mergeUnknownVarintField, newBuilderForField, onBuilt, onChanged, parseUnknownField, setField, setRepeatedField, setUnknownFields, setUnknownFieldSetBuilder, setUnknownFieldsProto3

    Methods inherited from class com.google.protobuf.AbstractMessage.Builder

    findInitializationErrors, getInitializationErrorString, internalMergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, newUninitializedMessageException, toString

    Methods inherited from class com.google.protobuf.AbstractMessageLite.Builder

    addAll, addAll, mergeDelimitedFrom, mergeDelimitedFrom, mergeFrom, newUninitializedMessageException

    Methods inherited from class Object

    equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    Methods inherited from interface com.google.protobuf.Message.Builder

    mergeDelimitedFrom, mergeDelimitedFrom

    Methods inherited from interface com.google.protobuf.MessageLite.Builder

    mergeFrom

    Methods inherited from interface com.google.protobuf.MessageOrBuilder

    findInitializationErrors, getAllFields, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessage.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessage.Builder<UpstreamTlsContext.Builder>

    • clear

      public UpstreamTlsContext.Builder clear()
      Specified by:
      clear in interface com.google.protobuf.Message.Builder
      Specified by:
      clear in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clear in class com.google.protobuf.GeneratedMessage.Builder<UpstreamTlsContext.Builder>

    • getDescriptorForType

      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
      Specified by:
      getDescriptorForType in interface com.google.protobuf.Message.Builder
      Specified by:
      getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
      Overrides:
      getDescriptorForType in class com.google.protobuf.GeneratedMessage.Builder<UpstreamTlsContext.Builder>

    • getDefaultInstanceForType

      public UpstreamTlsContext getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

    • build

      public UpstreamTlsContext build()
      Specified by:
      build in interface com.google.protobuf.Message.Builder
      Specified by:
      build in interface com.google.protobuf.MessageLite.Builder

    • buildPartial

      public UpstreamTlsContext buildPartial()
      Specified by:
      buildPartial in interface com.google.protobuf.Message.Builder
      Specified by:
      buildPartial in interface com.google.protobuf.MessageLite.Builder

    • mergeFrom

      public UpstreamTlsContext.Builder mergeFrom(com.google.protobuf.Message other)
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<UpstreamTlsContext.Builder>

    • mergeFrom

      public UpstreamTlsContext.Builder mergeFrom(UpstreamTlsContext other)

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessage.Builder<UpstreamTlsContext.Builder>

    • mergeFrom

      public UpstreamTlsContext.Builder mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Specified by:
      mergeFrom in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<UpstreamTlsContext.Builder>
      Throws:
      IOException

    • hasCommonTlsContext

      public boolean hasCommonTlsContext()
      Common TLS context settings.

.. attention::

Server certificate verification is not enabled by default. Configure
:ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
verification.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
      Specified by:
      hasCommonTlsContext in interface UpstreamTlsContextOrBuilder
      Returns:
      Whether the commonTlsContext field is set.

    • getCommonTlsContext

      public CommonTlsContext getCommonTlsContext()
      Common TLS context settings.

.. attention::

Server certificate verification is not enabled by default. Configure
:ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
verification.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
      Specified by:
      getCommonTlsContext in interface UpstreamTlsContextOrBuilder
      Returns:
      The commonTlsContext.

    • setCommonTlsContext

      public UpstreamTlsContext.Builder setCommonTlsContext(CommonTlsContext value)
      Common TLS context settings.

.. attention::

Server certificate verification is not enabled by default. Configure
:ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
verification.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

    • setCommonTlsContext

      public UpstreamTlsContext.Builder setCommonTlsContext(CommonTlsContext.Builder builderForValue)
      Common TLS context settings.

.. attention::

Server certificate verification is not enabled by default. Configure
:ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
verification.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

    • mergeCommonTlsContext

      public UpstreamTlsContext.Builder mergeCommonTlsContext(CommonTlsContext value)
      Common TLS context settings.

.. attention::

Server certificate verification is not enabled by default. Configure
:ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
verification.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

    • clearCommonTlsContext

      public UpstreamTlsContext.Builder clearCommonTlsContext()
      Common TLS context settings.

.. attention::

Server certificate verification is not enabled by default. Configure
:ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
verification.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

    • getCommonTlsContextBuilder

      public CommonTlsContext.Builder getCommonTlsContextBuilder()
      Common TLS context settings.

.. attention::

Server certificate verification is not enabled by default. Configure
:ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
verification.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

    • getCommonTlsContextOrBuilder

      public CommonTlsContextOrBuilder getCommonTlsContextOrBuilder()
      Common TLS context settings.

.. attention::

Server certificate verification is not enabled by default. Configure
:ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
verification.
      .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
      Specified by:
      getCommonTlsContextOrBuilder in interface UpstreamTlsContextOrBuilder

    • getSni

      public String getSni()
      SNI string to use when creating TLS backend connections.
      string sni = 2 [(.validate.rules) = { ... }
      Specified by:
      getSni in interface UpstreamTlsContextOrBuilder
      Returns:
      The sni.

    • getSniBytes

      public com.google.protobuf.ByteString getSniBytes()
      SNI string to use when creating TLS backend connections.
      string sni = 2 [(.validate.rules) = { ... }
      Specified by:
      getSniBytes in interface UpstreamTlsContextOrBuilder
      Returns:
      The bytes for sni.

    • setSni

      public UpstreamTlsContext.Builder setSni(String value)
      SNI string to use when creating TLS backend connections.
      string sni = 2 [(.validate.rules) = { ... }
      Parameters:
      value - The sni to set.
      Returns:
      This builder for chaining.

    • clearSni

      public UpstreamTlsContext.Builder clearSni()
      SNI string to use when creating TLS backend connections.
      string sni = 2 [(.validate.rules) = { ... }
      Returns:
      This builder for chaining.

    • setSniBytes

      public UpstreamTlsContext.Builder setSniBytes(com.google.protobuf.ByteString value)
      SNI string to use when creating TLS backend connections.
      string sni = 2 [(.validate.rules) = { ... }
      Parameters:
      value - The bytes for sni to set.
      Returns:
      This builder for chaining.

    • getAllowRenegotiation

      public boolean getAllowRenegotiation()
      If true, server-initiated TLS renegotiation will be allowed.

.. attention::

TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
      bool allow_renegotiation = 3;
      Specified by:
      getAllowRenegotiation in interface UpstreamTlsContextOrBuilder
      Returns:
      The allowRenegotiation.

    • setAllowRenegotiation

      public UpstreamTlsContext.Builder setAllowRenegotiation(boolean value)
      If true, server-initiated TLS renegotiation will be allowed.

.. attention::

TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
      bool allow_renegotiation = 3;
      Parameters:
      value - The allowRenegotiation to set.
      Returns:
      This builder for chaining.

    • clearAllowRenegotiation

      public UpstreamTlsContext.Builder clearAllowRenegotiation()
      If true, server-initiated TLS renegotiation will be allowed.

.. attention::

TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
      bool allow_renegotiation = 3;
      Returns:
      This builder for chaining.

    • hasMaxSessionKeys

      public boolean hasMaxSessionKeys()
      Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
for TLSv1.2 and older) to store for the purpose of session resumption.

Defaults to 1, setting this to 0 disables session resumption.
      .google.protobuf.UInt32Value max_session_keys = 4;
      Specified by:
      hasMaxSessionKeys in interface UpstreamTlsContextOrBuilder
      Returns:
      Whether the maxSessionKeys field is set.

    • getMaxSessionKeys

      public com.google.protobuf.UInt32Value getMaxSessionKeys()
      Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
for TLSv1.2 and older) to store for the purpose of session resumption.

Defaults to 1, setting this to 0 disables session resumption.
      .google.protobuf.UInt32Value max_session_keys = 4;
      Specified by:
      getMaxSessionKeys in interface UpstreamTlsContextOrBuilder
      Returns:
      The maxSessionKeys.

    • setMaxSessionKeys

      public UpstreamTlsContext.Builder setMaxSessionKeys(com.google.protobuf.UInt32Value value)
      Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
for TLSv1.2 and older) to store for the purpose of session resumption.

Defaults to 1, setting this to 0 disables session resumption.
      .google.protobuf.UInt32Value max_session_keys = 4;

    • setMaxSessionKeys

      public UpstreamTlsContext.Builder setMaxSessionKeys(com.google.protobuf.UInt32Value.Builder builderForValue)
      Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
for TLSv1.2 and older) to store for the purpose of session resumption.

Defaults to 1, setting this to 0 disables session resumption.
      .google.protobuf.UInt32Value max_session_keys = 4;

    • mergeMaxSessionKeys

      public UpstreamTlsContext.Builder mergeMaxSessionKeys(com.google.protobuf.UInt32Value value)
      Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
for TLSv1.2 and older) to store for the purpose of session resumption.

Defaults to 1, setting this to 0 disables session resumption.
      .google.protobuf.UInt32Value max_session_keys = 4;

    • clearMaxSessionKeys

      public UpstreamTlsContext.Builder clearMaxSessionKeys()
      Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
for TLSv1.2 and older) to store for the purpose of session resumption.

Defaults to 1, setting this to 0 disables session resumption.
      .google.protobuf.UInt32Value max_session_keys = 4;

    • getMaxSessionKeysBuilder

      public com.google.protobuf.UInt32Value.Builder getMaxSessionKeysBuilder()
      Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
for TLSv1.2 and older) to store for the purpose of session resumption.

Defaults to 1, setting this to 0 disables session resumption.
      .google.protobuf.UInt32Value max_session_keys = 4;

    • getMaxSessionKeysOrBuilder

      public com.google.protobuf.UInt32ValueOrBuilder getMaxSessionKeysOrBuilder()
      Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
for TLSv1.2 and older) to store for the purpose of session resumption.

Defaults to 1, setting this to 0 disables session resumption.
      .google.protobuf.UInt32Value max_session_keys = 4;
      Specified by:
      getMaxSessionKeysOrBuilder in interface UpstreamTlsContextOrBuilder

    • hasEnforceRsaKeyUsage

      public boolean hasEnforceRsaKeyUsage()
      This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
but it is expected to be changed to true by default in a future release.
``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
configurations that would fail if this option were set to true.
      .google.protobuf.BoolValue enforce_rsa_key_usage = 5;
      Specified by:
      hasEnforceRsaKeyUsage in interface UpstreamTlsContextOrBuilder
      Returns:
      Whether the enforceRsaKeyUsage field is set.

    • getEnforceRsaKeyUsage

      public com.google.protobuf.BoolValue getEnforceRsaKeyUsage()
      This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
but it is expected to be changed to true by default in a future release.
``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
configurations that would fail if this option were set to true.
      .google.protobuf.BoolValue enforce_rsa_key_usage = 5;
      Specified by:
      getEnforceRsaKeyUsage in interface UpstreamTlsContextOrBuilder
      Returns:
      The enforceRsaKeyUsage.

    • setEnforceRsaKeyUsage

      public UpstreamTlsContext.Builder setEnforceRsaKeyUsage(com.google.protobuf.BoolValue value)
      This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
but it is expected to be changed to true by default in a future release.
``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
configurations that would fail if this option were set to true.
      .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

    • setEnforceRsaKeyUsage

      public UpstreamTlsContext.Builder setEnforceRsaKeyUsage(com.google.protobuf.BoolValue.Builder builderForValue)
      This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
but it is expected to be changed to true by default in a future release.
``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
configurations that would fail if this option were set to true.
      .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

    • mergeEnforceRsaKeyUsage

      public UpstreamTlsContext.Builder mergeEnforceRsaKeyUsage(com.google.protobuf.BoolValue value)
      This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
but it is expected to be changed to true by default in a future release.
``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
configurations that would fail if this option were set to true.
      .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

    • clearEnforceRsaKeyUsage

      public UpstreamTlsContext.Builder clearEnforceRsaKeyUsage()
      This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
but it is expected to be changed to true by default in a future release.
``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
configurations that would fail if this option were set to true.
      .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

    • getEnforceRsaKeyUsageBuilder

      public com.google.protobuf.BoolValue.Builder getEnforceRsaKeyUsageBuilder()
      This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
but it is expected to be changed to true by default in a future release.
``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
configurations that would fail if this option were set to true.
      .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

    • getEnforceRsaKeyUsageOrBuilder

      public com.google.protobuf.BoolValueOrBuilder getEnforceRsaKeyUsageOrBuilder()
      This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
but it is expected to be changed to true by default in a future release.
``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
configurations that would fail if this option were set to true.
      .google.protobuf.BoolValue enforce_rsa_key_usage = 5;
      Specified by:
      getEnforceRsaKeyUsageOrBuilder in interface UpstreamTlsContextOrBuilder