pulumi-gcp-kotlin/com.pulumi.gcp.apigee.kotlin.inputs/TargetServerSSlInfoArgs

TargetServerSSlInfoArgs

data class TargetServerSSlInfoArgs(val ciphers: Output<List<String>>? = null, val clientAuthEnabled: Output<Boolean>? = null, val commonName: Output<TargetServerSSlInfoCommonNameArgs>? = null, val enabled: Output<Boolean>, val enforce: Output<Boolean>? = null, val ignoreValidationErrors: Output<Boolean>? = null, val keyAlias: Output<String>? = null, val keyStore: Output<String>? = null, val protocols: Output<List<String>>? = null, val trustStore: Output<String>? = null) : ConvertibleToJava<TargetServerSSlInfoArgs>

Constructors

Link copied to clipboard
constructor(ciphers: Output<List<String>>? = null, clientAuthEnabled: Output<Boolean>? = null, commonName: Output<TargetServerSSlInfoCommonNameArgs>? = null, enabled: Output<Boolean>, enforce: Output<Boolean>? = null, ignoreValidationErrors: Output<Boolean>? = null, keyAlias: Output<String>? = null, keyStore: Output<String>? = null, protocols: Output<List<String>>? = null, trustStore: Output<String>? = null)

Properties

Link copied to clipboard
val ciphers: Output<List<String>>? = null

The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3.

Link copied to clipboard
val clientAuthEnabled: Output<Boolean>? = null

Enables two-way TLS.

Link copied to clipboard
val commonName: Output<TargetServerSSlInfoCommonNameArgs>? = null

The TLS Common Name of the certificate. Structure is documented below.

Link copied to clipboard
val enabled: Output<Boolean>

Enables TLS. If false, neither one-way nor two-way TLS will be enabled.

Link copied to clipboard
val enforce: Output<Boolean>? = null

If true, TLS is strictly enforced.

Link copied to clipboard
val ignoreValidationErrors: Output<Boolean>? = null

If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails.

Link copied to clipboard
val keyAlias: Output<String>? = null

Required if clientAuthEnabled is true. The resource ID for the alias containing the private key and cert.

Link copied to clipboard
val keyStore: Output<String>? = null

Required if clientAuthEnabled is true. The resource ID of the keystore.

Link copied to clipboard
val protocols: Output<List<String>>? = null

The TLS versioins to be used.

Link copied to clipboard
val trustStore: Output<String>? = null

The resource ID of the truststore.

Functions

Link copied to clipboard
open override fun toJava(): TargetServerSSlInfoArgs