- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 14 for caCertFile (0.2 sec)
-
security/pkg/pki/util/keycertbundle_test.go
} // The test of CertOptions func TestCertOptionsAndRetrieveID(t *testing.T) { testCases := map[string]struct { caCertFile string caKeyFile string certChainFile []string rootCertFile string certOptions *CertOptions expectedErr string }{ "No SAN RSA": { caCertFile: rootCertFile, caKeyFile: rootKeyFile, certChainFile: nil, rootCertFile: rootCertFile,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Jan 21 06:07:50 UTC 2024 - 15.8K bytes - Viewed (0) -
security/pkg/pki/ca/selfsignedcarootcertrotator_test.go
rootCertInKeyCertBundle []byte } func verifyRootCertAndPrivateKey(t *testing.T, shouldMatch bool, itemA, itemB rootCertItem) { isMatched := bytes.Equal(itemA.caSecret.Data[CACertFile], itemB.caSecret.Data[CACertFile]) if isMatched != shouldMatch { t.Errorf("Verification of root cert in CA secret failed. Want %v got %v", shouldMatch, isMatched) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Oct 11 23:33:41 UTC 2023 - 14.1K bytes - Viewed (0) -
security/pkg/pki/ca/selfsignedcarootcertrotator.go
// Reload root certificate into key cert bundle. if !bytes.Equal(caCertInMem, caSecret.Data[CACertFile]) { rootCertRotatorLog.Warnf("CA cert in KeyCertBundle does not match CA cert in "+ "%s. Start to reload root cert into KeyCertBundle", rotator.config.secretName) rootCerts, err := util.AppendRootCerts(caSecret.Data[CACertFile], rotator.config.rootCertFile) if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 10.4K bytes - Viewed (0) -
pilot/pkg/bootstrap/istio_ca.go
if certSignerDomain == "" { log.Infof("CA cert file %q not found, using %q.", caCertFile, defaultCACertPath) caCertFile = defaultCACertPath } else { log.Infof("CA cert file %q not found - ignoring.", caCertFile) caCertFile = "" } } if s.kubeClient == nil { return nil, fmt.Errorf("kubeClient is nil") } raOpts := &ra.IstioRAOptions{ ExternalCAType: opts.ExternalCAType,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 20.6K bytes - Viewed (0) -
security/pkg/pki/ca/ca_test.go
} if caSecret.Data[PrivateKeyFile] != nil { t.Fatalf("Private key should be nil but got %v", caSecret.Data[PrivateKeyFile]) } if !bytes.Equal(caSecret.Data[CACertFile], CertPem) { t.Fatalf("CA cert does not match, want %v got %v", CertPem, caSecret.Data[CACertFile]) } if !bytes.Equal(caSecret.Data[CAPrivateKeyFile], KeyPem) { t.Fatalf("CA cert does not match, want %v got %v", KeyPem, caSecret.Data[CAPrivateKeyFile]) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 31 08:51:27 UTC 2023 - 29.1K bytes - Viewed (0) -
pkg/test/echo/server/forwarder/config.go
GetClientCertificate: c.getClientCertificate, NextProtos: r.GetAlpn().GetValue(), ServerName: r.ServerName, MinVersion: tls.VersionTLS12, } if r.CaCertFile != "" { certData, err := os.ReadFile(r.CaCertFile) if err != nil { return nil, fmt.Errorf("failed to load client certificate: %v", err) } r.CaCert = string(certData) } if r.InsecureSkipVerify || r.CaCert == "" {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Oct 08 09:39:20 UTC 2023 - 9.8K bytes - Viewed (0) -
security/pkg/pki/ca/ca.go
certutil "istio.io/istio/security/pkg/util" ) const ( // istioCASecretType is the Istio secret annotation type. istioCASecretType = "istio.io/ca-root" // CACertFile is the CA certificate chain file. CACertFile = "ca-cert.pem" // CAPrivateKeyFile is the private key file of CA. CAPrivateKeyFile = "ca-key.pem" // CASecret stores the key/cert of self-signed CA for persistency purpose.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 17.2K bytes - Viewed (0) -
pkg/test/echo/proto/echo.pb.go
KeyFile string `protobuf:"bytes,17,opt,name=keyFile,proto3" json:"keyFile,omitempty"` // If non-empty, verify the server CA with the ca cert file. CaCertFile string `protobuf:"bytes,18,opt,name=caCertFile,proto3" json:"caCertFile,omitempty"` // Skip verifying peer's certificate. InsecureSkipVerify bool `protobuf:"varint,19,opt,name=insecureSkipVerify,proto3" json:"insecureSkipVerify,omitempty"`
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 31 02:27:10 UTC 2024 - 33.3K bytes - Viewed (0) -
pilot/pkg/bootstrap/certcontroller.go
func (s *Server) initFileCertificateWatches(tlsOptions TLSOptions) error { if err := s.istiodCertBundleWatcher.SetFromFilesAndNotify(tlsOptions.KeyFile, tlsOptions.CertFile, tlsOptions.CaCertFile); err != nil { return fmt.Errorf("set keyCertBundle failed: %v", err) } // TODO: Setup watcher for root and restart server if it changes. for _, file := range []string{tlsOptions.CertFile, tlsOptions.KeyFile} {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 11.3K bytes - Viewed (0) -
pilot/pkg/bootstrap/server_test.go
FSCertsPaths: TLSFSLoadPaths{tlsArgcertFile, tlsArgkeyFile, tlsArgcaCertFile}, tlsOptions: &TLSOptions{ CertFile: tlsArgcertFile, KeyFile: tlsArgkeyFile, CaCertFile: tlsArgcaCertFile, }, enableCA: false, certProvider: constants.CertProviderKubernetes, expNewCert: false, expCert: testcerts.ServerCert,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 23.1K bytes - Viewed (0)