我的书签
添加书签
移除书签Client TLS authentication
This filter should be configured with the name envoy.filters.network.client_ssl_auth.
Every configured client TLS authentication filter has statistics rooted at auth.clientssl.<stat_prefix>. with the following statistics:
REST API
The authentication filter will call this API every refresh interval to fetch the current list of approved certificates/principals. The expected JSON response looks like:
Each certificate object is defined as:
-
(required, string) The SHA256 hash of the approved client certificate. Envoy will match this hash to the presented client certificate to determine whether there is a digest match.
