istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pkg/config/analysis/analyzers/testdata/destinationrule-with-ca.yaml

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/pkg/config/analysis/analyzers/testdata/destinationrule-with-ca.yaml (about)

     1  #  caCertificates when mode is mutual at destination level and simple at port level
     2  apiVersion: networking.istio.io/v1alpha3
     3  kind: DestinationRule
     4  metadata:
     5    name: db-mtls
     6  spec:
     7    host: mydbserver.prod.svc.cluster.local
     8    trafficPolicy:
     9      tls:
    10        mode: MUTUAL
    11        clientCertificate: /etc/certs/myclientcert.pem
    12        privateKey: /etc/certs/client_private_key.pem
    13        caCertificates: /etc/certs/root.pem
    14      portLevelSettings:
    15        - port:
    16            number: 443
    17          tls:
    18            mode: SIMPLE
    19            clientCertificate: /etc/certs/myclientcert.pem
    20            privateKey: /etc/certs/client_private_key.pem
    21            caCertificates: /etc/certs/root.pem
    22            sni: my-nginx.mesh-external.svc.cluster.local