Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 200 for caCert (0.31 sec)

  2. github.com/istio/istio

    tests/integration/security/sds_ingress/ingress_test.go 

    // (1) A valid kubernetes secret with key/cert and client CA cert is added, verifies that SSL connection
// termination is working properly. This secret is a compound secret.
// (2) After key/cert rotation, client needs to pick new CA cert to complete SSL connection. Old CA
// cert will cause the SSL connection fail.
func TestSingleMTLSGatewayAndNotGeneric_CompoundSecretRotation(t *testing.T) {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Apr 08 22:02:59 UTC 2024
    - 32.7K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/phases/certs/certs_test.go 

    	}

	for caCert, certs := range tree {
		if err := validateCACert(certKeyLocation{dir, caCert.BaseName, "", caCert.Name}); err != nil {
			t.Errorf("couldn't validate CA certificate %v: %v", caCert.Name, err)
			// Don't bother validating child certs, but do try the other CAs
			continue
		}

		for _, cert := range certs {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Jan 31 21:49:21 UTC 2024
    - 23.3K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pilot/pkg/credentials/kube/secrets_test.go 

    		},
		{
			name:          "generic-mtls-split-cacert",
			namespace:     "default",
			caCert:        "generic-mtls-split-ca",
			expectedError: "found secret, but didn't have expected keys (cert and key) or (tls.crt and tls.key); found: cacert",
		},
		// The -cacert secret has precedence
		{
			name:          "overlap-cacert",
			namespace:     "default",
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Feb 23 19:18:21 UTC 2024
    - 18.4K bytes
    - Viewed (0)
  5. github.com/istio/istio

    tests/integration/security/sds_ingress/util/util.go 

    				}

				ing := inst.IngressFor(fromCluster)
				if ing == nil {
					t.Skip()
				}
				tlsContext := TLSContext{
					CaCert: CaCertA,
				}
				if callType == Mtls {
					tlsContext = TLSContext{
						CaCert:     CaCertA,
						PrivateKey: TLSClientKeyA,
						Cert:       TLSClientCertA,
					}
				}

				for _, h := range tests {
					t.NewSubTest(h.Host).Run(func(t framework.TestContext) {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Jul 25 05:12:36 UTC 2023
    - 20.2K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    pkg/registry/certificates/certificates/storage/metrics_test.go 

    	"k8s.io/apimachinery/pkg/runtime"
	certutil "k8s.io/client-go/util/cert"
	"k8s.io/client-go/util/certificate/csr"
	"k8s.io/component-base/metrics"
	"k8s.io/kubernetes/pkg/apis/certificates"
	"k8s.io/utils/ptr"
)

func Test_countCSRDurationMetric(t *testing.T) {
	caPrivateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		t.Fatal(err)
	}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Apr 15 14:34:53 UTC 2024
    - 13.7K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/phases/kubeconfig/kubeconfig_test.go 

    	kubeconfigtestutil.AssertKubeConfigCurrentCluster(t, config, "https://1.2.3.4:1234", caCert)
	kubeconfigtestutil.AssertKubeConfigCurrentAuthInfoWithClientCert(t, config, caCert, notAfter, "myClientName", "myOrg1", "myOrg2")
}

func TestBuildKubeConfigFromSpecWithTokenAuth(t *testing.T) {
	// Creates a CA
	caCert, _ := certstestutil.SetupCertificateAuthority(t)
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jun 07 17:04:18 UTC 2024
    - 39.5K bytes
    - Viewed (0)
  8. github.com/istio/istio

    security/pkg/k8s/chiron/utils.go 

    	caCert, err := os.ReadFile(caCertPath)
	if err != nil {
		log.Errorf("failed to read CA cert, cert. path: %v, error: %v", caCertPath, err)
		return nil, fmt.Errorf("failed to read CA cert, cert. path: %v, error: %v", caCertPath, err)
	}

	b, _ := pem.Decode(caCert)
	if b == nil {
		return nil, fmt.Errorf("could not decode pem")
	}
	if b.Type != "CERTIFICATE" {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Apr 05 18:11:22 UTC 2024
    - 9.2K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pilot/pkg/xds/sds_test.go 

    	})
)

func readFile(name string) string {
	cacert, _ := os.ReadFile(name)
	return string(cacert)
}

func TestGenerateSDS(t *testing.T) {
	type Expected struct {
		Key    string
		Cert   string
		CaCert string
		CaCrl  string
	}
	allResources := []string{
		"kubernetes://generic", "kubernetes://generic-mtls", "kubernetes://generic-mtls-cacert",
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon May 13 20:55:20 UTC 2024
    - 17.7K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/plugin/pkg/authorizer/webhook/metrics_test.go 

    			serverCert: serverCert, serverKey: serverKey, serverCA: caCert,
			expectedRegisteredStatusCode: "200",
			expectEvalutionResult:        "success",
			expectDurationResult:         "success",
			expectFailOpenResult:         "",
		},

		{
			name:       "timed out request",
			clientCert: clientCert, clientKey: clientKey, clientCA: caCert,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Mon Mar 04 19:01:15 UTC 2024
    - 6.6K bytes
    - Viewed (0)
  11. github.com/square/okhttp

    okhttp/src/main/kotlin/okhttp3/internal/tls/BasicTrustRootIndex.kt 

        for (caCert in caCerts) {
      map.getOrPut(caCert.subjectX500Principal) { mutableSetOf() }.add(caCert)
    }
    this.subjectToCaCerts = map
  }

  override fun findByIssuerAndSignature(cert: X509Certificate): X509Certificate? {
    val issuer = cert.issuerX500Principal
    val subjectCaCerts = subjectToCaCerts[issuer] ?: return null

    return subjectCaCerts.firstOrNull {
    Registered: Sun Jun 16 04:42:17 UTC 2024
    - Last Modified: Mon Jan 08 01:13:22 UTC 2024
    - 1.8K bytes
    - Viewed (0)
Back to top