interface TrustStoreProps
Language | Type name |
---|---|
.NET | Amazon.CDK.AWS.ElasticLoadBalancingV2.TrustStoreProps |
Go | github.com/aws/aws-cdk-go/awscdk/v2/awselasticloadbalancingv2#TrustStoreProps |
Java | software.amazon.awscdk.services.elasticloadbalancingv2.TrustStoreProps |
Python | aws_cdk.aws_elasticloadbalancingv2.TrustStoreProps |
TypeScript | aws-cdk-lib » aws_elasticloadbalancingv2 » TrustStoreProps |
Properties used for the Trust Store.
Example
```ts
import * as acm from 'aws-cdk-lib/aws-certificatemanager';
import * as elbv2 from 'aws-cdk-lib/aws-elasticloadbalancingv2';
import * as s3 from 'aws-cdk-lib/aws-s3';

declare const certificate: acm.Certificate;
declare const lb: elbv2.ApplicationLoadBalancer;
declare const bucket: s3.Bucket;

// Trust store built from the CA certificate bundle stored in the bucket
const trustStore = new elbv2.TrustStore(this, 'Store', {
  bucket,
  key: 'rootCA_cert.pem',
});

lb.addListener('Listener', {
  port: 443,
  protocol: elbv2.ApplicationProtocol.HTTPS,
  certificates: [certificate],
  // mTLS settings
  mutualAuthentication: {
    advertiseTrustStoreCaNames: true,
    // Expired client certificates are rejected
    ignoreClientCertificateExpiry: false,
    // The load balancer validates client certificates against the trust store
    mutualAuthenticationMode: elbv2.MutualAuthenticationMode.VERIFY,
    trustStore,
  },
  defaultAction: elbv2.ListenerAction.fixedResponse(200,
    { contentType: 'text/plain', messageBody: 'Success mTLS' }),
});
```
Properties
Name | Type | Description |
---|---|---|
bucket | IBucket | The bucket that the trust store is hosted in. |
key | string | The key in S3 to look at for the trust store. |
trustStoreName? | string | The name of the trust store. |
version? | string | The version of the S3 object that contains your truststore. |
bucket
Type: IBucket
The bucket that the trust store is hosted in.
key
Type: string
The key in S3 to look at for the trust store.
trustStoreName?
Type: string (optional, default: Auto generated)
The name of the trust store.
version?
Type: string (optional, default: latest version)
The version of the S3 object that contains your truststore.
To specify a version, you must have versioning enabled for the S3 bucket.