← Back to index Esc
Kind
Tlsoption
Group
traefik.io
Version
v1alpha1
apiVersion: traefik.io/v1alpha1 kind: Tlsoption metadata: name: example
View raw schema
apiVersion string
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind string
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata object required
spec object required
TLSOptionSpec defines the desired state of a TLSOption.
alpnProtocols []string
ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#alpn-protocols
cipherSuites []string
CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#cipher-suites
clientAuth object
ClientAuth defines the server's policy for TLS Client Authentication.
clientAuthType string
ClientAuthType defines the client authentication type to apply.
enum: NoClientCert, RequestClientCert, RequireAnyClientCert, VerifyClientCertIfGiven, RequireAndVerifyClientCert
secretNames []string
SecretNames defines the names of the referenced Kubernetes Secret storing certificate details.
curvePreferences []string
CurvePreferences defines the preferred elliptic curves. More info: https://doc.traefik.io/traefik/v3.6/reference/routing-configuration/http/tls/tls-certificates/#certificates-stores#curve-preferences
disableSessionTickets boolean
DisableSessionTickets disables TLS session resumption via session tickets.
maxVersion string
MaxVersion defines the maximum TLS version that Traefik will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. Default: None.
minVersion string
MinVersion defines the minimum TLS version that Traefik will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. Default: VersionTLS10.
preferServerCipherSuites boolean
PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. Deprecated: https://github.com/golang/go/issues/45430
sniStrict boolean
SniStrict defines whether Traefik allows connections from clients connections that do not specify a server_name extension.
Copied!