Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 9 of 9 for SNICerts (0.11 sec)

  2. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates/named_certificates.go 

    	nameToCertificate := map[string]*tls.Certificate{}
	byNameExplicit := map[string]*tls.Certificate{}

	// Iterate backwards so that earlier certs take precedence in the names map
	for i := len(sniCerts) - 1; i >= 0; i-- {
		cert, err := tls.X509KeyPair(sniCerts[i].cert, sniCerts[i].key)
		if err != nil {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Jul 21 07:29:30 UTC 2022
    - 3.2K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates/tlsconfig_test.go 

    		clientCA    CAContentProvider
		servingCert CertKeyContentProvider
		sniCerts    []SNICertKeyContentProvider

		expected    *dynamicCertificateContent
		expectedErr string
	}{
		{
			name:        "filled",
			clientCA:    &staticCAContent{name: "test-ca", caBundle: &caBundleAndVerifier{caBundle: []byte("content-1")}},
			servingCert: testCertProvider,
			sniCerts:    []SNICertKeyContentProvider{testCertProvider},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Apr 14 00:05:53 UTC 2023
    - 5.3K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates/tlsconfig.go 

    	clientCA CAContentProvider,
	servingCert CertKeyContentProvider,
	sniCerts []SNICertKeyContentProvider,
	eventRecorder events.EventRecorder,
) *DynamicServingCertificateController {
	c := &DynamicServingCertificateController{
		baseTLSConfig: baseTLSConfig,
		clientCA:      clientCA,
		servingCert:   servingCert,
		sniCerts:      sniCerts,

		queue: workqueue.NewTypedRateLimitingQueueWithConfig(
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Sat May 04 18:33:12 UTC 2024
    - 10.3K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/dynamiccertificates/named_certificates_test.go 

    				continue NextTest
			}
			bySignature[sig] = j
		}

		c := DynamicServingCertificateController{sniCerts: sniCerts}
		content, err := c.newTLSContent()
		assert.NoError(t, err)

		certMap, err := c.BuildNamedCertificates(content.sniCerts)
		if err == nil && len(test.errorString) != 0 {
			t.Errorf("%d - expected no error, got: %v", i, err)
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Aug 20 08:42:09 UTC 2021
    - 8K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/options/serving_test.go 

    				host: "localhost",
				ips:  []string{"127.0.0.1"},
			},
			SNICerts: []NamedTestCertSpec{
				{
					TestCertSpec: TestCertSpec{
						host: "localhost",
					},
				},
			},
			ExpectedCertIndex: 0,
		},
		"matching SNI cert": {
			Cert: TestCertSpec{
				host: "localhost",
				ips:  []string{"127.0.0.1"},
			},
			SNICerts: []NamedTestCertSpec{
				{
					TestCertSpec: TestCertSpec{
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu May 09 15:52:39 UTC 2024
    - 13.8K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/options/serving_with_loopback_test.go 

    		t.Errorf("unexpected error: %v", err)
	}
	if loopbackClientConfig == nil {
		t.Errorf("unexpected empty loopbackClientConfig")
	}
	if e, a := 1, len(secureServingInfo.SNICerts); e != a {
		t.Errorf("expected %d SNICert, got %d", e, a)
	}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Aug 20 08:42:09 UTC 2021
    - 1.4K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/secure_serving.go 

    		tlsConfig.ClientAuth = tls.RequestClientCert
	}

	if s.ClientCA != nil || s.Cert != nil || len(s.SNICerts) > 0 {
		dynamicCertificateController := dynamiccertificates.NewDynamicServingCertificateController(
			tlsConfig,
			s.ClientCA,
			s.Cert,
			s.SNICerts,
			nil, // TODO see how to plumb an event recorder down in here. For now this results in simply klog messages.
		)

		if s.ClientCA != nil {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Thu Oct 12 20:54:07 UTC 2023
    - 10.3K bytes
    - Viewed (0)
  9. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/config.go 

    	Listener net.Listener

	// Cert is the main server cert which is used if SNI does not match. Cert must be non-nil and is
	// allowed to be in SNICerts.
	Cert dynamiccertificates.CertKeyContentProvider

	// SNICerts are the TLS certificates used for SNI.
	SNICerts []dynamiccertificates.SNICertKeyContentProvider

	// ClientCA is the certificate bundle for all the signers that you'll recognize for incoming client certificates
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue May 28 08:48:22 UTC 2024
    - 47.7K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    staging/src/k8s.io/apiserver/pkg/server/options/serving.go 

    		namedTLSCerts = append(namedTLSCerts, tlsCert)
		if err != nil {
			return fmt.Errorf("failed to load SNI cert and key: %v", err)
		}
	}
	c.SNICerts = namedTLSCerts

	return nil
}

func (s *SecureServingOptions) MaybeDefaultWithSelfSignedCerts(publicAddress string, alternateDNS []string, alternateIPs []net.IP) error {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Sat Apr 27 13:08:18 UTC 2024
    - 15.9K bytes
    - Viewed (1)
Back to top