notBefore - Code Search

security/pkg/pki/util/verify_cert.go

		}
	}
	if expectedFields != nil {
		if nb := expectedFields.NotBefore; !nb.IsZero() && !nb.Equal(cert.NotBefore) {
			return fmt.Errorf("unexpected value for 'NotBefore' field: want %v but got %v", nb, cert.NotBefore)
		}

		if ttl := expectedFields.TTL; ttl != 0 && ttl != (cert.NotAfter.Sub(cert.NotBefore)) {
			return fmt.Errorf("unexpected value for 'NotAfter' - 'NotBefore': want %v but got %v", ttl, cert.NotAfter.Sub(cert.NotBefore))
		}

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Mon Sep 05 10:37:29 UTC 2022

- 5.9K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

pkg/controller/certificates/authority/authority_test.go

				AuthorityKeyId:        caCert.SubjectKeyId,
				NotBefore:             now,
				NotAfter:              now.Add(1 * time.Hour),
				BasicConstraintsValid: true,
			},
		},
		{
			name:   "key usage",
			policy: PermissiveSigningPolicy{TTL: time.Hour, Usages: []capi.KeyUsage{"signing"}, Now: nowFunc},
			want: x509.Certificate{
				NotBefore:             now,
				NotAfter:              now.Add(1 * time.Hour),

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Wed Jun 23 19:36:11 UTC 2021

- 7.3K bytes

- Viewed (0)

github.com/istio/istio

istioctl/pkg/writer/compare/sds/writer_test.go

					Source:      "source",
					Destination: "destination",
					SecretMeta: SecretMeta{
						Valid:        true,
						SerialNumber: "serial_number",
						NotAfter:     "expires",
						NotBefore:    "valid",
						Type:         "type",
					},
				},
			},
			expected: append(
				[]string{"olinger", "serial_number", "expires", "valid", "type"},
				secretItemColumns...),

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Fri May 29 20:42:01 UTC 2020

- 4.9K bytes

- Viewed (0)

github.com/golang/go

src/crypto/x509/platform_test.go

				DNSNames:     []string{"valid.testing.golang.invalid"},
				NotBefore:    now.Add(-time.Hour),
				NotAfter:     now.Add(time.Hour),
				ExtKeyUsage:  []ExtKeyUsage{ExtKeyUsageServerAuth},
			},
		},
		{
			name: "valid (with name)",
			cert: &Certificate{
				SerialNumber: big.NewInt(1),
				DNSNames:     []string{"valid.testing.golang.invalid"},
				NotBefore:    now.Add(-time.Hour),
				NotAfter:     now.Add(time.Hour),

Registered: Wed Jun 12 16:32:35 UTC 2024

- Last Modified: Tue Feb 20 17:18:29 UTC 2024

- 7.2K bytes

- Viewed (0)

github.com/golang/go

src/crypto/tls/generate_cert.go

		keyUsage |= x509.KeyUsageKeyEncipherment
	}

	var notBefore time.Time
	if len(*validFrom) == 0 {
		notBefore = time.Now()
	} else {
		notBefore, err = time.Parse("Jan 2 15:04:05 2006", *validFrom)
		if err != nil {
			log.Fatalf("Failed to parse creation date: %v", err)
		}
	}

	notAfter := notBefore.Add(*validFor)

	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)

Registered: Wed Jun 12 16:32:35 UTC 2024

- Last Modified: Mon Aug 08 15:22:02 UTC 2022

- 4.8K bytes

- Viewed (0)

github.com/istio/istio

security/pkg/pki/util/verify_cert_test.go

			rootCertPem:    []byte(rootCert),
			expectedFields: notBefore,
			expectedErr:    "unexpected value for 'NotBefore' field",
		},
		"TTL error": {
			privPem:        []byte(key),
			certChainPem:   []byte(certChain),
			rootCertPem:    []byte(rootCert),
			expectedFields: extKeyUsage,
			expectedErr:    "unexpected value for 'NotAfter' - 'NotBefore'",
		},
		"extKeyUsage error": {
			privPem:        []byte(key),

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Tue Aug 16 14:56:37 UTC 2022

- 6.5K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

pkg/controller/certificates/authority/policies.go

//   - It zeros all extensions.
//   - It sets BasicConstraints to true.
//   - It sets IsCA to false.
//   - It validates that the signer has not expired.
//   - It sets NotBefore and NotAfter:
//     All certificates set NotBefore = Now() - Backdate.
//     Long-lived certificates set NotAfter = Now() + TTL - Backdate.
//     Short-lived certificates set NotAfter = Now() + TTL.

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Tue Jul 26 17:14:05 UTC 2022

- 5.7K bytes

- Viewed (0)

github.com/istio/istio

istioctl/pkg/writer/compare/sds/util.go

	}

	today := time.Now()
	return SecretMeta{
		SerialNumber: fmt.Sprintf("%x", cert.SerialNumber),
		NotAfter:     cert.NotAfter.Format(time.RFC3339),
		NotBefore:    cert.NotBefore.Format(time.RFC3339),
		Type:         certType,
		Valid:        today.After(cert.NotBefore) && today.Before(cert.NotAfter),
	}, nil

Registered: Fri Jun 14 15:00:06 UTC 2024

- Last Modified: Tue Jun 06 15:14:48 UTC 2023

- 6.6K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

cmd/kubeadm/app/util/certs/util.go

// the expected NotBefore. Truncate (round) expectedNotBefore to 1 second, since the certificate stores
// with seconds as the maximum precision.
func AssertCertificateHasNotBefore(t *testing.T, cert *x509.Certificate, expectedNotBefore time.Time) {
	truncated := expectedNotBefore.Truncate(time.Second)
	if !cert.NotBefore.Equal(truncated) {
		t.Errorf("cert has NotBefore %v, expected %v", cert.NotBefore, truncated)
	}
}

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Wed May 01 16:01:49 UTC 2024

- 9.1K bytes

- Viewed (0)

github.com/kubernetes/kubernetes

cmd/kubeadm/app/phases/certs/renewal/readwriter_test.go

func writeTestCertificate(t *testing.T, dir, name string, caCert *x509.Certificate, caKey crypto.Signer, organization []string, notBefore, notAfter time.Time) *x509.Certificate {
	cert, key, err := pkiutil.NewCertAndKey(caCert, caKey, makeTestCertConfig(organization, notBefore, notAfter))
	if err != nil {
		t.Fatalf("couldn't generate certificate: %v", err)
	}

Registered: Sat Jun 15 01:39:40 UTC 2024

- Last Modified: Thu May 30 15:17:24 UTC 2024

- 9.5K bytes

- Viewed (0)

Search Options