- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 43 for certRoot (0.21 sec)
-
security/pkg/nodeagent/cache/secretcache.go
} type secretCache struct { mu sync.RWMutex workload *security.SecretItem certRoot []byte } // GetRoot returns cached root cert and cert expiration time. This method is thread safe. func (s *secretCache) GetRoot() (rootCert []byte) { s.mu.RLock() defer s.mu.RUnlock() return s.certRoot } // SetRoot sets root cert into cache. This method is thread safe.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 04 08:29:46 UTC 2024 - 28.2K bytes - Viewed (0) -
src/crypto/x509/cert_pool.go
getCert func() (*Certificate, error) } // NewCertPool returns a new, empty CertPool. func NewCertPool() *CertPool { return &CertPool{ byName: make(map[string][]int), haveSum: make(map[sum224]bool), } } // len returns the number of certs in the set. // A nil set is a valid empty set. func (s *CertPool) len() int { if s == nil { return 0 } return len(s.lazyCerts) }
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Thu Nov 09 19:41:40 UTC 2023 - 8.9K bytes - Viewed (0) -
pilot/pkg/grpc/tls.go
} func getRootCertificate(rootCertFile string) (*x509.CertPool, error) { var certPool *x509.CertPool var rootCert []byte var err error if rootCertFile != "" { rootCert, err = os.ReadFile(rootCertFile) if err != nil { return nil, err } certPool = x509.NewCertPool() ok := certPool.AppendCertsFromPEM(rootCert) if !ok {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 22:11:02 UTC 2024 - 2.9K bytes - Viewed (0) -
src/crypto/x509/root.go
// See go.dev/issue/67401. // //go:linkname systemRoots var ( once sync.Once systemRootsMu sync.RWMutex systemRoots *CertPool systemRootsErr error fallbacksSet bool ) func systemRootsPool() *CertPool { once.Do(initSystemRoots) systemRootsMu.RLock() defer systemRootsMu.RUnlock() return systemRoots } func initSystemRoots() { systemRootsMu.Lock()
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Wed May 29 17:58:53 UTC 2024 - 2.3K bytes - Viewed (0) -
pkg/test/echo/server/forwarder/config.go
} if r.InsecureSkipVerify || r.CaCert == "" { tlsConfig.InsecureSkipVerify = true } else if r.CaCert != "" { certPool := x509.NewCertPool() if !certPool.AppendCertsFromPEM([]byte(r.CaCert)) { return nil, fmt.Errorf("failed to create cert pool") } tlsConfig.RootCAs = certPool } setALPNForHTTP := func() { if r.Alpn == nil { switch { case r.Http3: // Do nothing.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Oct 08 09:39:20 UTC 2023 - 9.8K bytes - Viewed (0) -
pkg/test/framework/components/istio/ca.go
func newCitadelClient(endpoint string, rootCert []byte) (pb.IstioCertificateServiceClient, error) { certPool := x509.NewCertPool() ok := certPool.AppendCertsFromPEM(rootCert) if !ok { return nil, fmt.Errorf("failed to append certificates") } config := tls.Config{ RootCAs: certPool, InsecureSkipVerify: true, // nolint: gosec // test only code } transportCreds := credentials.NewTLS(&config)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Mar 27 16:59:05 UTC 2024 - 4.5K bytes - Viewed (0) -
pkg/spiffe/spiffe.go
type PeerCertVerifier struct { generalCertPool *x509.CertPool certPools map[string]*x509.CertPool } // NewPeerCertVerifier returns a new PeerCertVerifier. func NewPeerCertVerifier() *PeerCertVerifier { return &PeerCertVerifier{ generalCertPool: x509.NewCertPool(), certPools: make(map[string]*x509.CertPool), } }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 11.1K bytes - Viewed (0) -
src/crypto/x509/root_windows.go
"errors" "strings" "syscall" "unsafe" ) func loadSystemRoots() (*CertPool, error) { return &CertPool{systemPool: true}, nil } // Creates a new *syscall.CertContext representing the leaf certificate in an in-memory // certificate store containing itself and all of the intermediate certificates specified // in the opts.Intermediates CertPool. //
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Thu Nov 09 19:41:40 UTC 2023 - 8.7K bytes - Viewed (0) -
istioctl/pkg/kubeinject/kubeinject.go
var address string if cc.URL != nil { address = *cc.URL } var certPool *x509.CertPool if len(cc.CABundle) > 0 { certPool = x509.NewCertPool() certPool.AppendCertsFromPEM(cc.CABundle) } else { var err error certPool, err = x509.SystemCertPool() if err != nil { return nil, err } } tlsClientConfig := &tls.Config{RootCAs: certPool, MinVersion: tls.VersionTLS12} client := http.Client{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Mar 29 02:29:02 UTC 2024 - 21.6K bytes - Viewed (0) -
pilot/pkg/trustbundle/trustbundle.go
endpointUpdateChan chan struct{} remoteCaCertPool *x509.CertPool meshConfig mesh.Watcher } var ( trustBundleLog = log.RegisterScope("trustBundle", "Workload mTLS trust bundle logs") remoteTimeout = 10 * time.Second ) // NewTrustBundle returns a new trustbundle func NewTrustBundle(remoteCaCertPool *x509.CertPool, meshConfig mesh.Watcher) *TrustBundle { var err error tb := &TrustBundle{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 7.8K bytes - Viewed (0)