- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 18 for tlsOptions (0.14 sec)
-
pilot/pkg/bootstrap/certcontroller.go
func (s *Server) initFileCertificateWatches(tlsOptions TLSOptions) error { if err := s.istiodCertBundleWatcher.SetFromFilesAndNotify(tlsOptions.KeyFile, tlsOptions.CertFile, tlsOptions.CaCertFile); err != nil { return fmt.Errorf("set keyCertBundle failed: %v", err) } // TODO: Setup watcher for root and restart server if it changes. for _, file := range []string{tlsOptions.CertFile, tlsOptions.KeyFile} {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 11.3K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/citadel/client.go
type CitadelClient struct { // It means enable tls connection to Citadel if this is not nil. tlsOpts *TLSOptions client pb.IstioCertificateServiceClient conn *grpc.ClientConn provider credentials.PerRPCCredentials opts *security.Options } type TLSOptions struct { RootCert string Key string Cert string } // NewCitadelClient create a CA client for Citadel.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 4.9K bytes - Viewed (0) -
pilot/pkg/bootstrap/server_test.go
} // Update cert/key files. if err := os.WriteFile(tlsOptions.CertFile, testcerts.RotatedCert, 0o644); err != nil { // nolint: vetshadow t.Fatalf("WriteFile(%v) failed: %v", tlsOptions.CertFile, err) } if err := os.WriteFile(tlsOptions.KeyFile, testcerts.RotatedKey, 0o644); err != nil { // nolint: vetshadow t.Fatalf("WriteFile(%v) failed: %v", tlsOptions.KeyFile, err) } g := NewWithT(t)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 23.1K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/citadel/client_test.go
addr := serve(t, server, tlsOptions(t)) opts := &security.Options{ CAEndpoint: addr, CredFetcher: plugin.CreateTokenPlugin("testdata/token"), ProvCert: certDir, } rootCert := path.Join(certDir, constants.RootCertFilename) key := path.Join(certDir, constants.KeyFilename) cert := path.Join(certDir, constants.CertChainFilename) tlsOpts := &TLSOptions{ RootCert: rootCert, Key: key,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 24 21:03:23 UTC 2024 - 11.8K bytes - Viewed (0) -
pilot/pkg/bootstrap/options.go
// Optional TLS configuration TLSOptions TLSOptions // The listening address for secured gRPC. If the port in the address is empty or "0" (as in "127.0.0.1:" or "[::1]:0") // a port number is automatically chosen. SecureGRPCAddr string } type InjectionOptions struct { // Directory of injection related config files. InjectionDirectory string } // TLSOptions is optional TLS parameters for Istiod server.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 6.1K bytes - Viewed (0) -
pilot/pkg/bootstrap/server.go
func hasCustomTLSCerts(tlsOptions TLSOptions) (ok bool, tlsCertPath, tlsKeyPath, caCertPath string) { // load from tls args as priority if hasCustomTLSCertArgs(tlsOptions) { return true, tlsOptions.CertFile, tlsOptions.KeyFile, tlsOptions.CaCertFile }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 46.3K bytes - Viewed (0) -
pilot/cmd/pilot-discovery/app/cmd.go
c.PersistentFlags().StringVar(&serverArgs.ServerOptions.TLSOptions.CaCertFile, "caCertFile", "", "File containing the x509 Server CA Certificate") c.PersistentFlags().StringVar(&serverArgs.ServerOptions.TLSOptions.CertFile, "tlsCertFile", "", "File containing the x509 Server Certificate") c.PersistentFlags().StringVar(&serverArgs.ServerOptions.TLSOptions.KeyFile, "tlsKeyFile", "",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 12 16:44:32 UTC 2024 - 8.5K bytes - Viewed (0) -
pkg/istio-agent/plugins.go
// Using citadel CA var tlsOpts *citadel.TLSOptions var err error // Special case: if Istiod runs on a secure network, on the default port, don't use TLS // TODO: may add extra cases or explicit settings - but this is a rare use cases, mostly debugging if strings.HasSuffix(opts.CAEndpoint, ":15010") { log.Warn("Debug mode or IP-secure network") } else { tlsOpts = &citadel.TLSOptions{} tlsOpts.RootCert, err = a.FindRootCAForCA()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat May 11 03:32:57 UTC 2024 - 2.7K bytes - Viewed (0) -
pilot/pkg/bootstrap/webhook.go
return } tlsConfig := &tls.Config{ GetCertificate: s.getIstiodCertificate, MinVersion: tls.VersionTLS12, CipherSuites: args.ServerOptions.TLSOptions.CipherSuits, } // Compliance for control plane validation and injection webhook server. sec_model.EnforceGoCompliance(tlsConfig) istiolog.Info("initializing secure webhook server for istiod webhooks")
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jun 11 17:37:53 UTC 2024 - 2.7K bytes - Viewed (0) -
pkg/kubelet/server/server.go
WriteTimeout: 4 * 60 * time.Minute, MaxHeaderBytes: 1 << 20, } if tlsOptions != nil { s.TLSConfig = tlsOptions.Config // Passing empty strings as the cert and key files means no // cert/keys are specified and GetCertificate in the TLSConfig // should be called instead. if err := s.ListenAndServeTLS(tlsOptions.CertFile, tlsOptions.KeyFile); err != nil { klog.ErrorS(err, "Failed to listen and serve") os.Exit(1)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Jun 04 06:25:43 UTC 2024 - 40.1K bytes - Viewed (0)