OpenShift · Schema

TLSConfig

TLS configuration for the route. Determines how TLS connections are handled at the router.

CI/CDCloud NativeContainersDevOpsEnterpriseKubernetesPaaS

Properties

Name Type Description
termination string Indicates termination type. Edge terminates TLS at the router, passthrough forwards encrypted traffic to the backend, and re-encrypt terminates at the router and re-encrypts to the backend.
certificate string PEM-encoded certificate for the route. Required for edge and re-encrypt termination if not using a default certificate.
key string PEM-encoded private key for the route certificate.
caCertificate string PEM-encoded CA certificate chain used to verify client certificates.
destinationCACertificate string PEM-encoded CA certificate used to verify the backend server certificate. Only applicable for re-encrypt termination.
insecureEdgeTerminationPolicy string Policy for handling insecure (HTTP) traffic when TLS is configured. None disables insecure traffic, Allow permits it, Redirect sends a 301 redirect to the HTTPS URL.
View JSON Schema on GitHub

JSON Schema

openshift-tlsconfig-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/TLSConfig",
  "title": "TLSConfig",
  "type": "object",
  "description": "TLS configuration for the route. Determines how TLS connections are handled at the router.",
  "properties": {
    "termination": {
      "type": "string",
      "description": "Indicates termination type. Edge terminates TLS at the router, passthrough forwards encrypted traffic to the backend, and re-encrypt terminates at the router and re-encrypts to the backend.",
      "enum": [
        "edge",
        "passthrough",
        "reencrypt"
      ],
      "example": "edge"
    },
    "certificate": {
      "type": "string",
      "description": "PEM-encoded certificate for the route. Required for edge and re-encrypt termination if not using a default certificate.",
      "example": "example_value"
    },
    "key": {
      "type": "string",
      "description": "PEM-encoded private key for the route certificate.",
      "example": "example_value"
    },
    "caCertificate": {
      "type": "string",
      "description": "PEM-encoded CA certificate chain used to verify client certificates.",
      "example": "example_value"
    },
    "destinationCACertificate": {
      "type": "string",
      "description": "PEM-encoded CA certificate used to verify the backend server certificate. Only applicable for re-encrypt termination.",
      "example": "example_value"
    },
    "insecureEdgeTerminationPolicy": {
      "type": "string",
      "description": "Policy for handling insecure (HTTP) traffic when TLS is configured. None disables insecure traffic, Allow permits it, Redirect sends a 301 redirect to the HTTPS URL.",
      "enum": [
        "None",
        "Allow",
        "Redirect"
      ],
      "example": "None"
    }
  }
}