Package io.envoyproxy.envoy.extensions.transport_sockets.tls.v3

Class UpstreamTlsContext.Builder

    • Method Detail

      • getDescriptor

        public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

      • internalGetFieldAccessorTable

        protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
        Specified by:
        internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • clear

        public UpstreamTlsContext.Builder clear()
        Specified by:
        clear in interface com.google.protobuf.Message.Builder
        Specified by:
        clear in interface com.google.protobuf.MessageLite.Builder
        Overrides:
        clear in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • getDescriptorForType

        public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
        Specified by:
        getDescriptorForType in interface com.google.protobuf.Message.Builder
        Specified by:
        getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
        Overrides:
        getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • getDefaultInstanceForType

        public UpstreamTlsContext getDefaultInstanceForType()
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
        Specified by:
        getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

      • build

        public UpstreamTlsContext build()
        Specified by:
        build in interface com.google.protobuf.Message.Builder
        Specified by:
        build in interface com.google.protobuf.MessageLite.Builder

      • buildPartial

        public UpstreamTlsContext buildPartial()
        Specified by:
        buildPartial in interface com.google.protobuf.Message.Builder
        Specified by:
        buildPartial in interface com.google.protobuf.MessageLite.Builder

      • clone

        public UpstreamTlsContext.Builder clone()
        Specified by:
        clone in interface com.google.protobuf.Message.Builder
        Specified by:
        clone in interface com.google.protobuf.MessageLite.Builder
        Overrides:
        clone in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • setField

        public UpstreamTlsContext.Builder setField​(com.google.protobuf.Descriptors.FieldDescriptor field,
                                           Object value)
        Specified by:
        setField in interface com.google.protobuf.Message.Builder
        Overrides:
        setField in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • clearField

        public UpstreamTlsContext.Builder clearField​(com.google.protobuf.Descriptors.FieldDescriptor field)
        Specified by:
        clearField in interface com.google.protobuf.Message.Builder
        Overrides:
        clearField in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • clearOneof

        public UpstreamTlsContext.Builder clearOneof​(com.google.protobuf.Descriptors.OneofDescriptor oneof)
        Specified by:
        clearOneof in interface com.google.protobuf.Message.Builder
        Overrides:
        clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • setRepeatedField

        public UpstreamTlsContext.Builder setRepeatedField​(com.google.protobuf.Descriptors.FieldDescriptor field,
                                                   int index,
                                                   Object value)
        Specified by:
        setRepeatedField in interface com.google.protobuf.Message.Builder
        Overrides:
        setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • addRepeatedField

        public UpstreamTlsContext.Builder addRepeatedField​(com.google.protobuf.Descriptors.FieldDescriptor field,
                                                   Object value)
        Specified by:
        addRepeatedField in interface com.google.protobuf.Message.Builder
        Overrides:
        addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • mergeFrom

        public UpstreamTlsContext.Builder mergeFrom​(com.google.protobuf.Message other)
        Specified by:
        mergeFrom in interface com.google.protobuf.Message.Builder
        Overrides:
        mergeFrom in class com.google.protobuf.AbstractMessage.Builder<UpstreamTlsContext.Builder>

      • isInitialized

        public final boolean isInitialized()
        Specified by:
        isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
        Overrides:
        isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • mergeFrom

        public UpstreamTlsContext.Builder mergeFrom​(com.google.protobuf.CodedInputStream input,
                                            com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                     throws IOException
        Specified by:
        mergeFrom in interface com.google.protobuf.Message.Builder
        Specified by:
        mergeFrom in interface com.google.protobuf.MessageLite.Builder
        Overrides:
        mergeFrom in class com.google.protobuf.AbstractMessage.Builder<UpstreamTlsContext.Builder>
        Throws:
        IOException

      • hasCommonTlsContext

        public boolean hasCommonTlsContext()
         Common TLS context settings.
 .. attention::
   Server certificate verification is not enabled by default. Configure
   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
   verification.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
        Specified by:
        hasCommonTlsContext in interface UpstreamTlsContextOrBuilder
        Returns:
        Whether the commonTlsContext field is set.

      • getCommonTlsContext

        public CommonTlsContext getCommonTlsContext()
         Common TLS context settings.
 .. attention::
   Server certificate verification is not enabled by default. Configure
   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
   verification.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
        Specified by:
        getCommonTlsContext in interface UpstreamTlsContextOrBuilder
        Returns:
        The commonTlsContext.

      • setCommonTlsContext

        public UpstreamTlsContext.Builder setCommonTlsContext​(CommonTlsContext value)
         Common TLS context settings.
 .. attention::
   Server certificate verification is not enabled by default. Configure
   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
   verification.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

      • setCommonTlsContext

        public UpstreamTlsContext.Builder setCommonTlsContext​(CommonTlsContext.Builder builderForValue)
         Common TLS context settings.
 .. attention::
   Server certificate verification is not enabled by default. Configure
   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
   verification.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

      • mergeCommonTlsContext

        public UpstreamTlsContext.Builder mergeCommonTlsContext​(CommonTlsContext value)
         Common TLS context settings.
 .. attention::
   Server certificate verification is not enabled by default. Configure
   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
   verification.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

      • clearCommonTlsContext

        public UpstreamTlsContext.Builder clearCommonTlsContext()
         Common TLS context settings.
 .. attention::
   Server certificate verification is not enabled by default. Configure
   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
   verification.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

      • getCommonTlsContextBuilder

        public CommonTlsContext.Builder getCommonTlsContextBuilder()
         Common TLS context settings.
 .. attention::
   Server certificate verification is not enabled by default. Configure
   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
   verification.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;

      • getCommonTlsContextOrBuilder

        public CommonTlsContextOrBuilder getCommonTlsContextOrBuilder()
         Common TLS context settings.
 .. attention::
   Server certificate verification is not enabled by default. Configure
   :ref:`trusted_ca<envoy_v3_api_field_extensions.transport_sockets.tls.v3.CertificateValidationContext.trusted_ca>` to enable
   verification.
        .envoy.extensions.transport_sockets.tls.v3.CommonTlsContext common_tls_context = 1;
        Specified by:
        getCommonTlsContextOrBuilder in interface UpstreamTlsContextOrBuilder

      • getSni

        public String getSni()
         SNI string to use when creating TLS backend connections.
        string sni = 2 [(.validate.rules) = { ... }
        Specified by:
        getSni in interface UpstreamTlsContextOrBuilder
        Returns:
        The sni.

      • getSniBytes

        public com.google.protobuf.ByteString getSniBytes()
         SNI string to use when creating TLS backend connections.
        string sni = 2 [(.validate.rules) = { ... }
        Specified by:
        getSniBytes in interface UpstreamTlsContextOrBuilder
        Returns:
        The bytes for sni.

      • setSni

        public UpstreamTlsContext.Builder setSni​(String value)
         SNI string to use when creating TLS backend connections.
        string sni = 2 [(.validate.rules) = { ... }
        Parameters:
        value - The sni to set.
        Returns:
        This builder for chaining.

      • clearSni

        public UpstreamTlsContext.Builder clearSni()
         SNI string to use when creating TLS backend connections.
        string sni = 2 [(.validate.rules) = { ... }
        Returns:
        This builder for chaining.

      • setSniBytes

        public UpstreamTlsContext.Builder setSniBytes​(com.google.protobuf.ByteString value)
         SNI string to use when creating TLS backend connections.
        string sni = 2 [(.validate.rules) = { ... }
        Parameters:
        value - The bytes for sni to set.
        Returns:
        This builder for chaining.

      • getAllowRenegotiation

        public boolean getAllowRenegotiation()
         If true, server-initiated TLS renegotiation will be allowed.
 .. attention::
   TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
        bool allow_renegotiation = 3;
        Specified by:
        getAllowRenegotiation in interface UpstreamTlsContextOrBuilder
        Returns:
        The allowRenegotiation.

      • setAllowRenegotiation

        public UpstreamTlsContext.Builder setAllowRenegotiation​(boolean value)
         If true, server-initiated TLS renegotiation will be allowed.
 .. attention::
   TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
        bool allow_renegotiation = 3;
        Parameters:
        value - The allowRenegotiation to set.
        Returns:
        This builder for chaining.

      • clearAllowRenegotiation

        public UpstreamTlsContext.Builder clearAllowRenegotiation()
         If true, server-initiated TLS renegotiation will be allowed.
 .. attention::
   TLS renegotiation is considered insecure and shouldn't be used unless absolutely necessary.
        bool allow_renegotiation = 3;
        Returns:
        This builder for chaining.

      • hasMaxSessionKeys

        public boolean hasMaxSessionKeys()
         Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
 for TLSv1.2 and older) to store for the purpose of session resumption.
 Defaults to 1, setting this to 0 disables session resumption.
        .google.protobuf.UInt32Value max_session_keys = 4;
        Specified by:
        hasMaxSessionKeys in interface UpstreamTlsContextOrBuilder
        Returns:
        Whether the maxSessionKeys field is set.

      • getMaxSessionKeys

        public com.google.protobuf.UInt32Value getMaxSessionKeys()
         Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
 for TLSv1.2 and older) to store for the purpose of session resumption.
 Defaults to 1, setting this to 0 disables session resumption.
        .google.protobuf.UInt32Value max_session_keys = 4;
        Specified by:
        getMaxSessionKeys in interface UpstreamTlsContextOrBuilder
        Returns:
        The maxSessionKeys.

      • setMaxSessionKeys

        public UpstreamTlsContext.Builder setMaxSessionKeys​(com.google.protobuf.UInt32Value value)
         Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
 for TLSv1.2 and older) to store for the purpose of session resumption.
 Defaults to 1, setting this to 0 disables session resumption.
        .google.protobuf.UInt32Value max_session_keys = 4;

      • setMaxSessionKeys

        public UpstreamTlsContext.Builder setMaxSessionKeys​(com.google.protobuf.UInt32Value.Builder builderForValue)
         Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
 for TLSv1.2 and older) to store for the purpose of session resumption.
 Defaults to 1, setting this to 0 disables session resumption.
        .google.protobuf.UInt32Value max_session_keys = 4;

      • mergeMaxSessionKeys

        public UpstreamTlsContext.Builder mergeMaxSessionKeys​(com.google.protobuf.UInt32Value value)
         Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
 for TLSv1.2 and older) to store for the purpose of session resumption.
 Defaults to 1, setting this to 0 disables session resumption.
        .google.protobuf.UInt32Value max_session_keys = 4;

      • clearMaxSessionKeys

        public UpstreamTlsContext.Builder clearMaxSessionKeys()
         Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
 for TLSv1.2 and older) to store for the purpose of session resumption.
 Defaults to 1, setting this to 0 disables session resumption.
        .google.protobuf.UInt32Value max_session_keys = 4;

      • getMaxSessionKeysBuilder

        public com.google.protobuf.UInt32Value.Builder getMaxSessionKeysBuilder()
         Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
 for TLSv1.2 and older) to store for the purpose of session resumption.
 Defaults to 1, setting this to 0 disables session resumption.
        .google.protobuf.UInt32Value max_session_keys = 4;

      • getMaxSessionKeysOrBuilder

        public com.google.protobuf.UInt32ValueOrBuilder getMaxSessionKeysOrBuilder()
         Maximum number of session keys (Pre-Shared Keys for TLSv1.3+, Session IDs and Session Tickets
 for TLSv1.2 and older) to store for the purpose of session resumption.
 Defaults to 1, setting this to 0 disables session resumption.
        .google.protobuf.UInt32Value max_session_keys = 4;
        Specified by:
        getMaxSessionKeysOrBuilder in interface UpstreamTlsContextOrBuilder

      • hasEnforceRsaKeyUsage

        public boolean hasEnforceRsaKeyUsage()
         This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
 is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
 but it is expected to be changed to true by default in a future release.
 ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
 configurations that would fail if this option were set to true.
        .google.protobuf.BoolValue enforce_rsa_key_usage = 5;
        Specified by:
        hasEnforceRsaKeyUsage in interface UpstreamTlsContextOrBuilder
        Returns:
        Whether the enforceRsaKeyUsage field is set.

      • getEnforceRsaKeyUsage

        public com.google.protobuf.BoolValue getEnforceRsaKeyUsage()
         This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
 is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
 but it is expected to be changed to true by default in a future release.
 ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
 configurations that would fail if this option were set to true.
        .google.protobuf.BoolValue enforce_rsa_key_usage = 5;
        Specified by:
        getEnforceRsaKeyUsage in interface UpstreamTlsContextOrBuilder
        Returns:
        The enforceRsaKeyUsage.

      • setEnforceRsaKeyUsage

        public UpstreamTlsContext.Builder setEnforceRsaKeyUsage​(com.google.protobuf.BoolValue value)
         This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
 is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
 but it is expected to be changed to true by default in a future release.
 ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
 configurations that would fail if this option were set to true.
        .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

      • setEnforceRsaKeyUsage

        public UpstreamTlsContext.Builder setEnforceRsaKeyUsage​(com.google.protobuf.BoolValue.Builder builderForValue)
         This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
 is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
 but it is expected to be changed to true by default in a future release.
 ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
 configurations that would fail if this option were set to true.
        .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

      • mergeEnforceRsaKeyUsage

        public UpstreamTlsContext.Builder mergeEnforceRsaKeyUsage​(com.google.protobuf.BoolValue value)
         This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
 is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
 but it is expected to be changed to true by default in a future release.
 ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
 configurations that would fail if this option were set to true.
        .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

      • clearEnforceRsaKeyUsage

        public UpstreamTlsContext.Builder clearEnforceRsaKeyUsage()
         This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
 is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
 but it is expected to be changed to true by default in a future release.
 ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
 configurations that would fail if this option were set to true.
        .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

      • getEnforceRsaKeyUsageBuilder

        public com.google.protobuf.BoolValue.Builder getEnforceRsaKeyUsageBuilder()
         This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
 is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
 but it is expected to be changed to true by default in a future release.
 ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
 configurations that would fail if this option were set to true.
        .google.protobuf.BoolValue enforce_rsa_key_usage = 5;

      • getEnforceRsaKeyUsageOrBuilder

        public com.google.protobuf.BoolValueOrBuilder getEnforceRsaKeyUsageOrBuilder()
         This field is used to control the enforcement, whereby the handshake will fail if the keyUsage extension
 is present and incompatible with the TLS usage. Currently, the default value is false (i.e., enforcement off)
 but it is expected to be changed to true by default in a future release.
 ``ssl.was_key_usage_invalid`` in :ref:`listener metrics <config_listener_stats>` will be set for certificate
 configurations that would fail if this option were set to true.
        .google.protobuf.BoolValue enforce_rsa_key_usage = 5;
        Specified by:
        getEnforceRsaKeyUsageOrBuilder in interface UpstreamTlsContextOrBuilder

      • setUnknownFields

        public final UpstreamTlsContext.Builder setUnknownFields​(com.google.protobuf.UnknownFieldSet unknownFields)
        Specified by:
        setUnknownFields in interface com.google.protobuf.Message.Builder
        Overrides:
        setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>

      • mergeUnknownFields

        public final UpstreamTlsContext.Builder mergeUnknownFields​(com.google.protobuf.UnknownFieldSet unknownFields)
        Specified by:
        mergeUnknownFields in interface com.google.protobuf.Message.Builder
        Overrides:
        mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<UpstreamTlsContext.Builder>