Package io.fabric8.openshift.api.model

Class TLSConfig

  • All Implemented Interfaces:
    io.fabric8.kubernetes.api.builder.Editable<TLSConfigBuilder>, io.fabric8.kubernetes.api.model.KubernetesResource, Serializable
    @Generated("io.fabric8.kubernetes.schema.generator.model.ModelGenerator")
public class TLSConfig
extends Object
implements io.fabric8.kubernetes.api.builder.Editable<TLSConfigBuilder>, io.fabric8.kubernetes.api.model.KubernetesResource
    TLSConfig defines config used to secure a route and provide termination
    See Also:
    Serialized Form

    • Constructor Detail

      • TLSConfig

        public TLSConfig()
        No args constructor for use in serialization

    • Method Detail

      • getCaCertificate

        public String getCaCertificate()
        caCertificate provides the cert authority certificate contents

      • setCaCertificate

        public void setCaCertificate​(String caCertificate)
        caCertificate provides the cert authority certificate contents

      • getCertificate

        public String getCertificate()
        certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.

      • setCertificate

        public void setCertificate​(String certificate)
        certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.

      • getDestinationCACertificate

        public String getDestinationCACertificate()
        destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.

      • setDestinationCACertificate

        public void setDestinationCACertificate​(String destinationCACertificate)
        destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.

      • getExternalCertificate

        public LocalObjectReference getExternalCertificate()
        TLSConfig defines config used to secure a route and provide termination

      • setExternalCertificate

        public void setExternalCertificate​(LocalObjectReference externalCertificate)
        TLSConfig defines config used to secure a route and provide termination

      • getInsecureEdgeTerminationPolicy

        public String getInsecureEdgeTerminationPolicy()
        insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80.


        If a route does not specify insecureEdgeTerminationPolicy, then the default behavior is "None".


        * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only).


        * None - no traffic is allowed on the insecure port (default).


        * Redirect - clients are redirected to the secure port.

      • setInsecureEdgeTerminationPolicy

        public void setInsecureEdgeTerminationPolicy​(String insecureEdgeTerminationPolicy)
        insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80.


        If a route does not specify insecureEdgeTerminationPolicy, then the default behavior is "None".


        * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only).


        * None - no traffic is allowed on the insecure port (default).


        * Redirect - clients are redirected to the secure port.

      • getKey

        public String getKey()
        key provides key file contents

      • setKey

        public void setKey​(String key)
        key provides key file contents

      • getTermination

        public String getTermination()
        termination indicates termination type.


        * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend


        Note: passthrough termination is incompatible with httpHeader actions

      • setTermination

        public void setTermination​(String termination)
        termination indicates termination type.


        * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend


        Note: passthrough termination is incompatible with httpHeader actions

      • getAdditionalProperties

        public Map<String,​Object> getAdditionalProperties()

      • setAdditionalProperty

        public void setAdditionalProperty​(String name,
                                  Object value)

      • setAdditionalProperties

        public void setAdditionalProperties​(Map<String,​Object> additionalProperties)