@type t() :: %Envoy.Extensions.TransportSockets.Tls.V3.CertificateValidationContext{
__unknown_fields__: [
{field_number :: integer(), Protobuf.Wire.Types.wire_type(),
value :: term()}
],
allow_expired_certificate: boolean(),
ca_certificate_provider_instance:
Envoy.Extensions.TransportSockets.Tls.V3.CertificateProviderPluginInstance.t()
| nil,
crl: Envoy.Config.Core.V3.DataSource.t() | nil,
custom_validator_config: Envoy.Config.Core.V3.TypedExtensionConfig.t() | nil,
match_subject_alt_names: [Envoy.Type.Matcher.V3.StringMatcher.t()],
match_typed_subject_alt_names: [
Envoy.Extensions.TransportSockets.Tls.V3.SubjectAltNameMatcher.t()
],
max_verify_depth: Google.Protobuf.UInt32Value.t() | nil,
only_verify_leaf_cert_crl: boolean(),
require_signed_certificate_timestamp: Google.Protobuf.BoolValue.t() | nil,
trust_chain_verification:
Envoy.Extensions.TransportSockets.Tls.V3.CertificateValidationContext.TrustChainVerification.t(),
trusted_ca: Envoy.Config.Core.V3.DataSource.t() | nil,
verify_certificate_hash: [String.t()],
verify_certificate_spki: [String.t()],
watched_directory: Envoy.Config.Core.V3.WatchedDirectory.t() | nil
}