1
0
mirror of https://github.com/v2fly/v2ray-core.git synced 2024-11-18 02:16:10 -05:00
v2fly/transport/internet/tls/config.proto

64 lines
1.9 KiB
Protocol Buffer
Raw Normal View History

2016-10-02 17:43:58 -04:00
syntax = "proto3";
package v2ray.core.transport.internet.tls;
2016-12-22 18:24:28 -05:00
option csharp_namespace = "V2Ray.Core.Transport.Internet.Tls";
option go_package = "github.com/v2fly/v2ray-core/v5/transport/internet/tls";
2016-10-02 17:43:58 -04:00
option java_package = "com.v2ray.core.transport.internet.tls";
2017-02-03 17:15:10 -05:00
option java_multiple_files = true;
2016-10-02 17:43:58 -04:00
2021-09-05 05:26:17 -04:00
import "common/protoext/extensions.proto";
2016-10-02 17:43:58 -04:00
message Certificate {
2016-10-18 09:31:39 -04:00
// TLS certificate in x509 format.
2016-10-02 17:43:58 -04:00
bytes Certificate = 1;
2016-10-18 09:31:39 -04:00
// TLS key in x509 format.
2016-10-02 17:43:58 -04:00
bytes Key = 2;
enum Usage {
ENCIPHERMENT = 0;
AUTHORITY_VERIFY = 1;
AUTHORITY_ISSUE = 2;
AUTHORITY_VERIFY_CLIENT = 3;
}
Usage usage = 3;
2021-09-05 10:52:17 -04:00
string certificate_file = 96001 [(v2ray.core.common.protoext.field_opt).convert_time_read_file_into = "Certificate"];
string key_file = 96002 [(v2ray.core.common.protoext.field_opt).convert_time_read_file_into = "Key"];
2016-10-02 17:43:58 -04:00
}
message Config {
2021-09-05 05:26:17 -04:00
option (v2ray.core.common.protoext.message_opt).type = "security";
option (v2ray.core.common.protoext.message_opt).short_name = "tls";
2016-10-18 09:31:39 -04:00
// Whether or not to allow self-signed certificates.
2021-09-05 10:52:17 -04:00
bool allow_insecure = 1 [(v2ray.core.common.protoext.field_opt).forbidden = true];
2016-10-18 09:31:39 -04:00
// List of certificates to be served on server.
2016-10-02 17:43:58 -04:00
repeated Certificate certificate = 2;
2016-12-11 17:58:37 -05:00
// Override server name.
string server_name = 3;
2018-01-02 12:16:36 -05:00
// Lists of string as ALPN values.
repeated string next_protocol = 4;
// Whether or not to enable session (ticket) resumption.
bool enable_session_resumption = 5;
// If true, root certificates on the system will not be loaded for
// verification.
bool disable_system_root = 6;
/* @Document A pinned certificate chain sha256 hash.
@Document If the server's hash does not match this value, the connection will be aborted.
@Document This value replace allow_insecure.
@Critical
*/
repeated bytes pinned_peer_certificate_chain_sha256 = 7;
2021-09-01 16:12:03 -04:00
// If true, the client is required to present a certificate.
bool verify_client_certificate = 8;
}