- Sort Score
- Result 10 results
- Languages All
Results 1 - 8 of 8 for SubjectIDs (3.11 sec)
-
security/pkg/pki/util/generate_cert_test.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 06 12:48:53 UTC 2023 - 29.4K bytes - Viewed (0) -
security/pkg/pki/ra/common.go
func ValidateCSR(csrPEM []byte, subjectIDs []string) bool { csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return false } if err := csr.CheckSignature(); err != nil { return false } csrIDs, err := util.ExtractIDs(csr.Extensions) if err != nil { return false } for _, s1 := range csrIDs { if !slices.Contains(subjectIDs, s1) { return false } } return true }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 11 19:57:30 UTC 2023 - 4.4K bytes - Viewed (0) -
security/pkg/pki/ca/ca.go
} var pkiCaLog = log.RegisterScope("pkica", "Citadel CA log") // caTypes is the enum for the CA type. type caTypes int type CertOpts struct { // SubjectIDs are used for building the SAN extension for the certificate. SubjectIDs []string // TTL is the requested lifetime (Time to live) to be applied in the certificate. TTL time.Duration // ForCA indicates whether the signed certificate if for CA.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 17.2K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/mock/mockcaclient.go
csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return nil, fmt.Errorf("csr sign error: %v", err) } subjectIDs := []string{"test"} certBytes, err := util.GenCertFromCSR(csr, signingCert, csr.PublicKey, *signingKey, subjectIDs, c.certLifetime, false) if err != nil { return nil, fmt.Errorf("csr sign error: %v", err) } block := &pem.Block{ Type: "CERTIFICATE",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 3K bytes - Viewed (0) -
security/pkg/nodeagent/test/mock/caserver.go
response := &pb.IstioCertificateResponse{ CertChain: respCertChain, } caServerLog.Info("send back CSR success response") return response, nil } func (s *CAServer) sign(csrPEM []byte, subjectIDs []string, _ time.Duration, forCA bool) ([]byte, error) { csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { caServerLog.Errorf("failed to parse CSR: %+v", err)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 5.9K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra_test.go
} subjectID := spiffe.Identity{TrustDomain: "cluster.local", Namespace: "default", ServiceAccount: "bookinfo-productpage"}.String() certOptions := ca.CertOpts{ SubjectIDs: []string{subjectID}, TTL: 60 * time.Second, ForCA: false, CertSigner: "kube-apiserver-client", } _, err = ra.SignWithCertChain(csrPEM, certOptions)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Sep 27 00:44:54 UTC 2023 - 9.7K bytes - Viewed (0) -
security/pkg/pki/ca/ca_test.go
} csrPEM, privPEM, err := util.GenCSR(opts) if err != nil { t.Error(err) } caCertOpts := CertOpts{ SubjectIDs: []string{"localhost"}, TTL: time.Hour, ForCA: false, } certPEM, signErr := ca.signWithCertChain(csrPEM, caCertOpts.SubjectIDs, caCertOpts.TTL, true, caCertOpts.ForCA) if signErr != nil { t.Error(err) } cert, err := tls.X509KeyPair(certPEM, privPEM)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 31 08:51:27 UTC 2023 - 29.1K bytes - Viewed (0) -
security/pkg/server/ca/server.go
certSigner := crMetadata[security.CertSigner].GetStringValue() _, _, certChainBytes, rootCertBytes := s.ca.GetCAKeyCertBundle().GetAll() certOpts := ca.CertOpts{ SubjectIDs: sans, TTL: time.Duration(request.ValidityDuration) * time.Second, ForCA: false, CertSigner: certSigner, } var signErr error var cert []byte var respCertChain []string
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0)