Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 3 of 3 for signWithCertChain (0.2 sec)

  2. github.com/istio/istio

    security/pkg/server/ca/server.go 

    type CertificateAuthority interface {
	// Sign generates a certificate for a workload or CA, from the given CSR and cert opts.
	Sign(csrPEM []byte, opts ca.CertOpts) ([]byte, error)
	// SignWithCertChain is similar to Sign but returns the leaf cert and the entire cert chain.
	SignWithCertChain(csrPEM []byte, opts ca.CertOpts) ([]string, error)
	// GetCAKeyCertBundle returns the KeyCertBundle used by CA.
	GetCAKeyCertBundle() *util.KeyCertBundle
}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue May 28 17:35:26 UTC 2024
    - 8K bytes
    - Viewed (0)
  3. github.com/istio/istio

    security/pkg/pki/ra/k8s_ra.go 

    	if err != nil {
		return nil, err
	}
	certSigner := certOpts.CertSigner

	return r.kubernetesSign(csrPEM, r.raOpts.CaCertFile, certSigner, certOpts.TTL)
}

// SignWithCertChain is similar to Sign but returns the leaf cert and the entire cert chain.
// root cert comes from two sources, order matters:
// 1. Specified in mesh config
// 2. Extract from the cert-chain signed by the CSR signer.
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Aug 02 14:34:38 UTC 2023
    - 7.2K bytes
    - Viewed (0)
  4. github.com/istio/istio

    security/pkg/pki/ra/k8s_ra_test.go 

    			certOptions := ca.CertOpts{
				SubjectIDs: []string{subjectID},
				TTL:        60 * time.Second, ForCA: false,
				CertSigner: "kube-apiserver-client",
			}
			_, err = ra.SignWithCertChain(csrPEM, certOptions)
			if (tc.expectedFail && err == nil) || (!tc.expectedFail && err != nil) {
				t.Fatalf("expected failure: %t, got %v", tc.expectedFail, err)
			}
			if tc.updatedRootCertForMeshConfig != "" {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Sep 27 00:44:54 UTC 2023
    - 9.7K bytes
    - Viewed (0)
Back to top