- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 12 for san (0.12 sec)
-
pkg/security/security.go
// Client interface defines the clients need to implement to talk to CA for CSR. // The Agent will create a key pair and a CSR, and use an implementation of this // interface to get back a signed certificate. There is no guarantee that the SAN // in the request will be returned - server may replace it. type Client interface { CSRSign(csrPEM []byte, certValidTTLInSec int64) ([]string, error) Close()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0) -
cmd/kubeadm/app/cmd/phases/init/certs.go
options.NetworkingDNSDomain, options.NetworkingServiceSubnet, ) } return flags } func getSANDescription(certSpec *certsphase.KubeadmCert) string { // Defaulted config we will use to get SAN certs defaultConfig := &kubeadmapiv1.InitConfiguration{ LocalAPIEndpoint: kubeadmapiv1.APIEndpoint{ // GetAPIServerAltNames errors without an AdvertiseAddress; this is as good as any. AdvertiseAddress: "127.0.0.1",
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Jun 08 06:35:45 UTC 2024 - 9.8K bytes - Viewed (0) -
pkg/istio-agent/agent.go
} func (a *Agent) generateNodeMetadata() (*model.Node, error) { var pilotSAN []string if a.proxyConfig.ControlPlaneAuthPolicy == mesh.AuthenticationPolicy_MUTUAL_TLS { // Obtain Pilot SAN, using DNS. pilotSAN = []string{config.GetPilotSan(a.proxyConfig.DiscoveryAddress)} } credentialSocketExists, err := checkSocket(context.TODO(), security.CredentialNameSocketPath) if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 05 10:02:56 UTC 2024 - 26.7K bytes - Viewed (0) -
pkg/workloadapi/workload.proto
repeated NetworkAddress addresses = 4; // Ports for the service. // The target_port may be overridden on a per-workload basis. repeated Port ports = 5; // Optional; if set, the SAN to verify for TLS connections. // Typically, this is not set and per-workload identity is used to verify // TODO: support this field repeated string subject_alt_names = 6;
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 18:02:35 UTC 2024 - 12.9K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_waypoint.go
dir, subset = model.TrafficDirectionOutbound, destination.Subset } } return model.BuildSubsetKey( dir, subset, host.Name(destination.Host), port, ) } // NB: Un-typed SAN validation is ignored when typed is used, so only typed version must be used with this function. func buildCommonConnectTLSContext(proxy *model.Proxy, push *model.PushContext) *tls.CommonTlsContext { ctx := &tls.CommonTlsContext{}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 04:34:37 UTC 2024 - 27.6K bytes - Viewed (0) -
manifests/charts/istiod-remote/templates/crd-all.gen.yaml
description: '`insecureSkipVerify` specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host.' nullable: true type: boolean
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 06 21:31:42 UTC 2024 - 671.7K bytes - Viewed (0) -
pilot/pkg/model/gateway.go
// hosts and associated routes for that server. // // Note that the common case is one where multiple servers are exposed under a single multi-SAN cert on a single port. // In this case, we have a single https.<portNumber>.<portName>.<gatewayName>.<namespace> RDS for the HTTPS server.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Jun 14 04:34:37 UTC 2024 - 26K bytes - Viewed (0) -
manifests/charts/base/crds/crd-all.gen.yaml
description: '`insecureSkipVerify` specifies whether the proxy should skip verifying the CA signature and SAN for the server certificate corresponding to the host.' nullable: true type: boolean
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 06 21:31:42 UTC 2024 - 671.6K bytes - Viewed (0) -
cmd/test-utils_test.go
} // testServerCertPEM and testServerKeyPEM are generated by // https://golang.org/src/crypto/tls/generate_cert.go // $ go run generate_cert.go -ca --host 127.0.0.1 // The generated certificate contains IP SAN, that way we don't need // to enable InsecureSkipVerify in TLS config // Starts the test server and returns the TestServer with TLS configured instance.
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Mon Jun 10 15:50:49 UTC 2024 - 76.9K bytes - Viewed (0) -
pkg/workloadapi/workload.pb.go
// Ports for the service. // The target_port may be overridden on a per-workload basis. Ports []*Port `protobuf:"bytes,5,rep,name=ports,proto3" json:"ports,omitempty"` // Optional; if set, the SAN to verify for TLS connections. // Typically, this is not set and per-workload identity is used to verify // TODO: support this field
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jun 12 18:02:35 UTC 2024 - 65.9K bytes - Viewed (0)