pulumi-google-native-kotlin/com.pulumi.googlenative.apigee.v1.kotlin.inputs/GoogleCloudApigeeV1TlsInfoArgs

GoogleCloudApigeeV1TlsInfoArgs

data class GoogleCloudApigeeV1TlsInfoArgs(val ciphers: Output<List<String>>? = null, val clientAuthEnabled: Output<Boolean>? = null, val commonName: Output<GoogleCloudApigeeV1TlsInfoCommonNameArgs>? = null, val enabled: Output<Boolean>, val ignoreValidationErrors: Output<Boolean>? = null, val keyAlias: Output<String>? = null, val keyStore: Output<String>? = null, val protocols: Output<List<String>>? = null, val trustStore: Output<String>? = null) : ConvertibleToJava<GoogleCloudApigeeV1TlsInfoArgs>

TLS configuration information for virtual hosts and TargetServers.

Constructors

Link copied to clipboard
fun GoogleCloudApigeeV1TlsInfoArgs(ciphers: Output<List<String>>? = null, clientAuthEnabled: Output<Boolean>? = null, commonName: Output<GoogleCloudApigeeV1TlsInfoCommonNameArgs>? = null, enabled: Output<Boolean>, ignoreValidationErrors: Output<Boolean>? = null, keyAlias: Output<String>? = null, keyStore: Output<String>? = null, protocols: Output<List<String>>? = null, trustStore: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): GoogleCloudApigeeV1TlsInfoArgs

Properties

Link copied to clipboard
val ciphers: Output<List<String>>? = null

The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3.

Link copied to clipboard
val clientAuthEnabled: Output<Boolean>? = null

Optional. Enables two-way TLS.

Link copied to clipboard
val commonName: Output<GoogleCloudApigeeV1TlsInfoCommonNameArgs>? = null

The TLS Common Name of the certificate.

Link copied to clipboard
val enabled: Output<Boolean>

Enables TLS. If false, neither one-way nor two-way TLS will be enabled.

Link copied to clipboard
val ignoreValidationErrors: Output<Boolean>? = null

If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails.

Link copied to clipboard
val keyAlias: Output<String>? = null

Required if client_auth_enabled is true. The resource ID for the alias containing the private key and cert.

Link copied to clipboard
val keyStore: Output<String>? = null

Required if client_auth_enabled is true. The resource ID of the keystore.

Link copied to clipboard
val protocols: Output<List<String>>? = null

The TLS versioins to be used.

Link copied to clipboard
val trustStore: Output<String>? = null

The resource ID of the truststore.