- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 12 for IsCA (0.12 sec)
-
security/pkg/pki/util/verify_cert.go
return fmt.Errorf("unexpected value for 'KeyUsage' field: want %v but got %v", ku, cert.KeyUsage) } if isCA := expectedFields.IsCA; isCA != cert.IsCA { return fmt.Errorf("unexpected value for 'IsCA' field: want %t but got %t", isCA, cert.IsCA) } if org := expectedFields.Org; org != "" && !reflect.DeepEqual([]string{org}, cert.Issuer.Organization) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 05 10:37:29 UTC 2022 - 5.9K bytes - Viewed (0) -
security/pkg/pki/util/verify_cert_test.go
expectedFields: keyUsage, expectedErr: "unexpected value for 'KeyUsage' field", }, "IsCA error": { privPem: []byte(key), certChainPem: []byte(certChain), rootCertPem: []byte(rootCert), expectedFields: isCA, expectedErr: "unexpected value for 'IsCA' field", }, "Org error": { privPem: []byte(key), certChainPem: []byte(certChain),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Aug 16 14:56:37 UTC 2022 - 6.5K bytes - Viewed (0) -
src/crypto/tls/generate_cert.go
if ip := net.ParseIP(h); ip != nil { template.IPAddresses = append(template.IPAddresses, ip) } else { template.DNSNames = append(template.DNSNames, h) } } if *isCA { template.IsCA = true template.KeyUsage |= x509.KeyUsageCertSign } derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, publicKey(priv), priv) if err != nil {
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Mon Aug 08 15:22:02 UTC 2022 - 4.8K bytes - Viewed (0) -
security/tools/generate_cert/main.go
} opts := util.CertOptions{ Host: *host, NotBefore: getNotBefore(), TTL: *validFor, SignerCert: signerCert, SignerPriv: signerPriv, Org: *org, IsCA: *isCA, IsSelfSigned: *mode == selfSignedMode, IsClient: *isClient, RSAKeySize: *keySize, IsServer: *isServer, ECSigAlg: util.SupportedECSignatureAlgorithms(*ec),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 28 16:21:30 UTC 2023 - 5.7K bytes - Viewed (0) -
tests/integration/security/util/secret/secret.go
} } verifyFields := &util.VerifyFields{ ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}, KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment, IsCA: false, Host: expectedID, } if err := util.VerifyCertificate(secret.Data[ca.PrivateKeyFile], secret.Data[ca.CertChainFile], secret.Data[ca.RootCertFile], verifyFields); err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 22 04:04:14 UTC 2023 - 2.3K bytes - Viewed (0) -
pkg/test/csrctrl/authority/policies.go
// - It sets allowed usages as configured in the policy. // - It sets NotAfter based on the TTL configured in the policy. // - It zeros all extensions. // - It sets BasicConstraints to true. // - It sets IsCA to false. type PermissiveSigningPolicy struct { // TTL is the certificate TTL. It's used to calculate the NotAfter value of // the certificate. TTL time.Duration // Usages are the allowed usages of a certificate.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 03 17:06:22 UTC 2022 - 4.5K bytes - Viewed (0) -
src/crypto/x509/boring_test.go
BasicConstraintsValid: true, } if mode&^boringCertFIPSOK == boringCertLeaf { tmpl.DNSNames = []string{"example.com"} } else { tmpl.IsCA = true tmpl.KeyUsage |= KeyUsageCertSign } var pcert *Certificate var pkey interface{} if parent != nil { pcert = parent.cert pkey = parent.key } else { pcert = tmpl pkey = key
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Thu Nov 17 17:38:47 UTC 2022 - 3.7K bytes - Viewed (0) -
pkg/controller/certificates/authority/policies.go
// signer. // // - It forwards all SANs from the original signing request. // - It sets allowed usages as configured in the policy. // - It zeros all extensions. // - It sets BasicConstraints to true. // - It sets IsCA to false. // - It validates that the signer has not expired. // - It sets NotBefore and NotAfter: // All certificates set NotBefore = Now() - Backdate. // Long-lived certificates set NotAfter = Now() + TTL - Backdate.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Jul 26 17:14:05 UTC 2022 - 5.7K bytes - Viewed (0) -
src/crypto/x509/hybrid_pool_test.go
} googChain := c.ConnectionState().PeerCertificates rootTmpl := &x509.Certificate{ SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Go test root"}, IsCA: true, BasicConstraintsValid: true, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour * 10), } k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Mon Feb 26 20:48:11 UTC 2024 - 3.7K bytes - Viewed (0) -
istioctl/pkg/writer/compare/sds/util.go
return SecretMeta{}, fmt.Errorf("failed to parse certificate PEM") } cert, err := x509.ParseCertificate(block.Bytes) if err != nil { return SecretMeta{}, err } var certType string if cert.IsCA { certType = "CA" } else { certType = "Cert Chain" } today := time.Now() return SecretMeta{ SerialNumber: fmt.Sprintf("%x", cert.SerialNumber),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jun 06 15:14:48 UTC 2023 - 6.6K bytes - Viewed (0)