pulumi-gcp-kotlin/com.pulumi.gcp.apigee.kotlin.outputs/TargetServerSSlInfo

TargetServerSSlInfo

data class TargetServerSSlInfo(val ciphers: List<String>? = null, val clientAuthEnabled: Boolean? = null, val commonName: TargetServerSSlInfoCommonName? = null, val enabled: Boolean, val ignoreValidationErrors: Boolean? = null, val keyAlias: String? = null, val keyStore: String? = null, val protocols: List<String>? = null, val trustStore: String? = null)

Constructors

Link copied to clipboard
constructor(ciphers: List<String>? = null, clientAuthEnabled: Boolean? = null, commonName: TargetServerSSlInfoCommonName? = null, enabled: Boolean, ignoreValidationErrors: Boolean? = null, keyAlias: String? = null, keyStore: String? = null, protocols: List<String>? = null, trustStore: String? = null)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val ciphers: List<String>? = null

The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3.

Link copied to clipboard
val clientAuthEnabled: Boolean? = null

Enables two-way TLS.

Link copied to clipboard
val commonName: TargetServerSSlInfoCommonName? = null

The TLS Common Name of the certificate. Structure is documented below.

Link copied to clipboard
val enabled: Boolean

Enables TLS. If false, neither one-way nor two-way TLS will be enabled.

Link copied to clipboard
val ignoreValidationErrors: Boolean? = null

If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails.

Link copied to clipboard
val keyAlias: String? = null

Required if clientAuthEnabled is true. The resource ID for the alias containing the private key and cert.

Link copied to clipboard
val keyStore: String? = null

Required if clientAuthEnabled is true. The resource ID of the keystore.

Link copied to clipboard
val protocols: List<String>? = null

The TLS versioins to be used.

Link copied to clipboard
val trustStore: String? = null

The resource ID of the truststore.