pulumi-google-native-kotlin/com.pulumi.googlenative.apigee.v1.kotlin.outputs/GoogleCloudApigeeV1TlsInfoResponse

GoogleCloudApigeeV1TlsInfoResponse

data class GoogleCloudApigeeV1TlsInfoResponse(val ciphers: List<String>, val clientAuthEnabled: Boolean, val commonName: GoogleCloudApigeeV1TlsInfoCommonNameResponse, val enabled: Boolean, val ignoreValidationErrors: Boolean, val keyAlias: String, val keyStore: String, val protocols: List<String>, val trustStore: String)

TLS configuration information for virtual hosts and TargetServers.

Constructors

Link copied to clipboard
fun GoogleCloudApigeeV1TlsInfoResponse(ciphers: List<String>, clientAuthEnabled: Boolean, commonName: GoogleCloudApigeeV1TlsInfoCommonNameResponse, enabled: Boolean, ignoreValidationErrors: Boolean, keyAlias: String, keyStore: String, protocols: List<String>, trustStore: String)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val ciphers: List<String>

The SSL/TLS cipher suites to be used. For programmable proxies, it must be one of the cipher suite names listed in: http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#ciphersuites. For configurable proxies, it must follow the configuration specified in: https://commondatastorage.googleapis.com/chromium-boringssl-docs/ssl.h.html#Cipher-suite-configuration. This setting has no effect for configurable proxies when negotiating TLS 1.3.

Link copied to clipboard
val clientAuthEnabled: Boolean

Optional. Enables two-way TLS.

Link copied to clipboard
val commonName: GoogleCloudApigeeV1TlsInfoCommonNameResponse

The TLS Common Name of the certificate.

Link copied to clipboard
val enabled: Boolean

Enables TLS. If false, neither one-way nor two-way TLS will be enabled.

Link copied to clipboard
val ignoreValidationErrors: Boolean

If true, Edge ignores TLS certificate errors. Valid when configuring TLS for target servers and target endpoints, and when configuring virtual hosts that use 2-way TLS. When used with a target endpoint/target server, if the backend system uses SNI and returns a cert with a subject Distinguished Name (DN) that does not match the hostname, there is no way to ignore the error and the connection fails.

Link copied to clipboard
val keyAlias: String

Required if client_auth_enabled is true. The resource ID for the alias containing the private key and cert.

Link copied to clipboard
val keyStore: String

Required if client_auth_enabled is true. The resource ID of the keystore.

Link copied to clipboard
val protocols: List<String>

The TLS versioins to be used.

Link copied to clipboard
val trustStore: String

The resource ID of the truststore.