Example 11 with CommonTlsContext
use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.
the class ClientXdsClientDataTest method validateCommonTlsContext_tlsCertificateCertificateProvider.
@Test
@SuppressWarnings("deprecation")
public void validateCommonTlsContext_tlsCertificateCertificateProvider() throws ResourceInvalidException {
CommonTlsContext commonTlsContext = CommonTlsContext.newBuilder().setTlsCertificateCertificateProvider(CommonTlsContext.CertificateProvider.getDefaultInstance()).build();
thrown.expect(ResourceInvalidException.class);
thrown.expectMessage("tls_certificate_provider_instance is unset");
ClientXdsClient.validateCommonTlsContext(commonTlsContext, null, false);
}
Also used :
CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)
Test(org.junit.Test)
Example 12 with CommonTlsContext
use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.
the class ClientXdsClientDataTest method validateCommonTlsContext_validationContext.
@Test
public void validateCommonTlsContext_validationContext() throws ResourceInvalidException {
CommonTlsContext commonTlsContext = CommonTlsContext.newBuilder().setValidationContext(CertificateValidationContext.getDefaultInstance()).build();
thrown.expect(ResourceInvalidException.class);
thrown.expectMessage("ca_certificate_provider_instance is required in upstream-tls-context");
ClientXdsClient.validateCommonTlsContext(commonTlsContext, null, false);
}
Also used :
CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)
Test(org.junit.Test)
Example 13 with CommonTlsContext
use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.
the class ClientXdsClientDataTest method validateCommonTlsContext_tlsCertificateProviderInstance.
@Test
@SuppressWarnings("deprecation")
public void validateCommonTlsContext_tlsCertificateProviderInstance() throws ResourceInvalidException {
CommonTlsContext commonTlsContext = CommonTlsContext.newBuilder().setTlsCertificateCertificateProviderInstance(CertificateProviderInstance.newBuilder().setInstanceName("name1").build()).build();
ClientXdsClient.validateCommonTlsContext(commonTlsContext, ImmutableSet.of("name1", "name2"), true);
}
Also used :
CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)
Test(org.junit.Test)
Example 14 with CommonTlsContext
use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.
the class ClientXdsClientDataTest method validateDownstreamTlsContext_hasOcspStaplePolicy.
@Test
@SuppressWarnings("deprecation")
public void validateDownstreamTlsContext_hasOcspStaplePolicy() throws ResourceInvalidException {
CommonTlsContext commonTlsContext = CommonTlsContext.newBuilder().setCombinedValidationContext(CommonTlsContext.CombinedCertificateValidationContext.newBuilder().setValidationContextCertificateProviderInstance(CommonTlsContext.CertificateProviderInstance.getDefaultInstance())).setTlsCertificateCertificateProviderInstance(CommonTlsContext.CertificateProviderInstance.getDefaultInstance()).build();
DownstreamTlsContext downstreamTlsContext = DownstreamTlsContext.newBuilder().setCommonTlsContext(commonTlsContext).setOcspStaplePolicy(DownstreamTlsContext.OcspStaplePolicy.STRICT_STAPLING).build();
thrown.expect(ResourceInvalidException.class);
thrown.expectMessage("downstream-tls-context with ocsp_staple_policy value STRICT_STAPLING is not supported");
ClientXdsClient.validateDownstreamTlsContext(downstreamTlsContext, ImmutableSet.of(""));
}
Also used :
DownstreamTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext)
CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)
Test(org.junit.Test)
Example 15 with CommonTlsContext
use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext in project grpc-java by grpc.
the class ClientXdsClientDataTest method validateCommonTlsContext_tlsNewCertificateProviderInstance.
@Test
@SuppressWarnings("deprecation")
public void validateCommonTlsContext_tlsNewCertificateProviderInstance() throws ResourceInvalidException {
CommonTlsContext commonTlsContext = CommonTlsContext.newBuilder().setTlsCertificateProviderInstance(CertificateProviderPluginInstance.newBuilder().setInstanceName("name1").build()).build();
ClientXdsClient.validateCommonTlsContext(commonTlsContext, ImmutableSet.of("name1", "name2"), true);
}
Also used :
CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)
Test(org.junit.Test)
Aggregations
CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)27
Test (org.junit.Test)25
CertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext)3
DownstreamTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext)2
VisibleForTesting (com.google.common.annotations.VisibleForTesting)1
CertificateProviderInstance (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CertificateProviderInstance)1
CombinedCertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext.CombinedCertificateValidationContext)1
ApplicationProtocolConfig (io.netty.handler.ssl.ApplicationProtocolConfig)1
SslContext (io.netty.handler.ssl.SslContext)1
SslContextBuilder (io.netty.handler.ssl.SslContextBuilder)1
IOException (java.io.IOException)1
CertStoreException (java.security.cert.CertStoreException)1
CertificateException (java.security.cert.CertificateException)1
