istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

mTLS -> mutual TLS (#3717)

This commit is contained in:
Martin Taillefer 2019-03-15 21:07:52 -07:00 committed by GitHub
parent 6077db4e47
commit b409371b9f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 24 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
content/blog/2018/egress-mongo/index.md
View File

@ -595,7 +595,7 @@ to be 443. The egress gateway accepts the MongoDB traffic on the port 443, match
{{< tabset cookie-name="mtls" >}} {{< tabset cookie-name="mtls" >}}
{{< tab name="mTLS enabled" cookie-value="enabled" >}} {{< tab name="mutual TLS enabled" cookie-value="enabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF
@ -676,7 +676,7 @@ to be 443. The egress gateway accepts the MongoDB traffic on the port 443, match
{{< /tab >}} {{< /tab >}}
{{< tab name="mTLS disabled" cookie-value="disabled" >}} {{< tab name="mutual TLS disabled" cookie-value="disabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF

4
content/docs/examples/advanced-gateways/egress-gateway-tls-origination/index.md
View File

@ -99,7 +99,7 @@ be done by the egress gateway, as opposed to by the sidecar in the previous exam
{{< tabset cookie-name="mtls" >}} {{< tabset cookie-name="mtls" >}}
{{< tab name="mTLS enabled" cookie-value="enabled" >}} {{< tab name="mutual TLS enabled" cookie-value="enabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF
@ -145,7 +145,7 @@ be done by the egress gateway, as opposed to by the sidecar in the previous exam
{{< /tab >}} {{< /tab >}}
{{< tab name="mTLS disabled" cookie-value="disabled" >}} {{< tab name="mutual TLS disabled" cookie-value="disabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF

8
content/docs/examples/advanced-gateways/egress-gateway/index.md
View File

@ -112,7 +112,7 @@ First create a `ServiceEntry` to allow direct traffic to an external service.
{{< tabset cookie-name="mtls" >}} {{< tabset cookie-name="mtls" >}}
{{< tab name="mTLS enabled" cookie-value="enabled" >}} {{< tab name="mutual TLS enabled" cookie-value="enabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF
@ -158,7 +158,7 @@ First create a `ServiceEntry` to allow direct traffic to an external service.
{{< /tab >}} {{< /tab >}}
{{< tab name="mTLS disabled" cookie-value="disabled" >}} {{< tab name="mutual TLS disabled" cookie-value="disabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF
@ -320,7 +320,7 @@ You need to specify port 443 with protocol `TLS` in a corresponding `ServiceEntr
{{< tabset cookie-name="mtls" >}} {{< tabset cookie-name="mtls" >}}
{{< tab name="mTLS enabled" cookie-value="enabled" >}} {{< tab name="mutual TLS enabled" cookie-value="enabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF
@ -401,7 +401,7 @@ You need to specify port 443 with protocol `TLS` in a corresponding `ServiceEntr
{{< /tab >}} {{< /tab >}}
{{< tab name="mTLS disabled" cookie-value="disabled" >}} {{< tab name="mutual TLS disabled" cookie-value="disabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF

4
content/docs/examples/advanced-gateways/wildcard-egress-hosts/index.md
View File

@ -423,7 +423,7 @@ The SNI proxy will forward the traffic to port `443`.
{{< tabset cookie-name="mtls" >}} {{< tabset cookie-name="mtls" >}}
{{< tab name="mTLS enabled" cookie-value="enabled" >}} {{< tab name="mutual TLS enabled" cookie-value="enabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF
@ -540,7 +540,7 @@ The SNI proxy will forward the traffic to port `443`.
{{< /tab >}} {{< /tab >}}
{{< tab name="mTLS disabled" cookie-value="disabled" >}} {{< tab name="mutual TLS disabled" cookie-value="disabled" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl apply -f - <<EOF $ kubectl apply -f - <<EOF

8
content/docs/setup/kubernetes/install/kubernetes/index.md
View File

@ -41,7 +41,7 @@ This permits customization of Istio to operator specific requirements.
{{< tabset cookie-name="profile" >}} {{< tabset cookie-name="profile" >}}
{{< tab name="permissive mTLS" cookie-value="permissive" >}} {{< tab name="permissive mutual TLS" cookie-value="permissive" >}}
When using the permissive mutual TLS mode, all services accept both plain text and When using the permissive mutual TLS mode, all services accept both plain text and
mutual TLS traffic. Clients send plain text traffic unless configured for mutual TLS traffic. Clients send plain text traffic unless configured for
[mutual migration](/docs/tasks/security/mtls-migration/#configure-clients-to-send-mutual-tls-traffic). [mutual migration](/docs/tasks/security/mtls-migration/#configure-clients-to-send-mutual-tls-traffic).
@ -62,7 +62,7 @@ $ kubectl apply -f install/kubernetes/istio-demo.yaml
{{< /tab >}} {{< /tab >}}
{{< tab name="strict mTLS" cookie-value="strict" >}} {{< tab name="strict mutual TLS" cookie-value="strict" >}}
This variant will enforce This variant will enforce
[mutual TLS authentication](/docs/concepts/security/#mutual-tls-authentication) between all clients and servers. [mutual TLS authentication](/docs/concepts/security/#mutual-tls-authentication) between all clients and servers.
@ -175,7 +175,7 @@ non-existent resources because they may have been deleted hierarchically.
{{< tabset cookie-name="profile" >}} {{< tabset cookie-name="profile" >}}
{{< tab name="permissive mTLS" cookie-value="permissive" >}} {{< tab name="permissive mutual TLS" cookie-value="permissive" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl delete -f install/kubernetes/istio-demo.yaml $ kubectl delete -f install/kubernetes/istio-demo.yaml
@ -183,7 +183,7 @@ $ kubectl delete -f install/kubernetes/istio-demo.yaml
{{< /tab >}} {{< /tab >}}
{{< tab name="strict mTLS" cookie-value="strict" >}} {{< tab name="strict mutual TLS" cookie-value="strict" >}}
{{< text bash >}} {{< text bash >}}
$ kubectl delete -f install/kubernetes/istio-demo-auth.yaml $ kubectl delete -f install/kubernetes/istio-demo-auth.yaml