- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 27 for caCertFile (0.15 sec)
-
security/pkg/pki/util/keycertbundle_test.go
} // The test of CertOptions func TestCertOptionsAndRetrieveID(t *testing.T) { testCases := map[string]struct { caCertFile string caKeyFile string certChainFile []string rootCertFile string certOptions *CertOptions expectedErr string }{ "No SAN RSA": { caCertFile: rootCertFile, caKeyFile: rootKeyFile, certChainFile: nil, rootCertFile: rootCertFile,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Jan 21 06:07:50 UTC 2024 - 15.8K bytes - Viewed (0) -
security/pkg/pki/ca/selfsignedcarootcertrotator_test.go
rootCertInKeyCertBundle []byte } func verifyRootCertAndPrivateKey(t *testing.T, shouldMatch bool, itemA, itemB rootCertItem) { isMatched := bytes.Equal(itemA.caSecret.Data[CACertFile], itemB.caSecret.Data[CACertFile]) if isMatched != shouldMatch { t.Errorf("Verification of root cert in CA secret failed. Want %v got %v", shouldMatch, isMatched) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Oct 11 23:33:41 UTC 2023 - 14.1K bytes - Viewed (0) -
security/pkg/pki/ca/selfsignedcarootcertrotator.go
// Reload root certificate into key cert bundle. if !bytes.Equal(caCertInMem, caSecret.Data[CACertFile]) { rootCertRotatorLog.Warnf("CA cert in KeyCertBundle does not match CA cert in "+ "%s. Start to reload root cert into KeyCertBundle", rotator.config.secretName) rootCerts, err := util.AppendRootCerts(caSecret.Data[CACertFile], rotator.config.rootCertFile) if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 10.4K bytes - Viewed (0) -
security/pkg/pki/ra/common.go
// MaxCertTTL: Maximum Certificate TTL that can be requested MaxCertTTL time.Duration // CaCertFile : File containing PEM encoded CA root certificate of external CA CaCertFile string // CaSigner : To indicate custom CA Signer name when using external K8s CA CaSigner string // VerifyAppendCA : Whether to use caCertFile containing CA root cert to verify and append to signed cert-chain VerifyAppendCA bool
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 11 19:57:30 UTC 2023 - 4.4K bytes - Viewed (0) -
pilot/pkg/bootstrap/istio_ca.go
if certSignerDomain == "" { log.Infof("CA cert file %q not found, using %q.", caCertFile, defaultCACertPath) caCertFile = defaultCACertPath } else { log.Infof("CA cert file %q not found - ignoring.", caCertFile) caCertFile = "" } } if s.kubeClient == nil { return nil, fmt.Errorf("kubeClient is nil") } raOpts := &ra.IstioRAOptions{ ExternalCAType: opts.ExternalCAType,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 20.6K bytes - Viewed (0) -
pkg/test/framework/components/echo/common/call.go
Key: opts.TLS.Key, CaCert: opts.TLS.CaCert, CertFile: opts.TLS.CertFile, KeyFile: opts.TLS.KeyFile, CaCertFile: opts.TLS.CaCertFile, InsecureSkipVerify: opts.TLS.InsecureSkipVerify, Alpn: getProtoALPN(opts.TLS.Alpn), FollowRedirects: opts.HTTP.FollowRedirects,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Oct 08 09:39:20 UTC 2023 - 6.7K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra.go
// NewKubernetesRA : Create a RA that interfaces with K8S CSR CA func NewKubernetesRA(raOpts *IstioRAOptions) (*KubernetesRA, error) { keyCertBundle, err := util.NewKeyCertBundleWithRootCertFromFile(raOpts.CaCertFile) if err != nil { return nil, raerror.NewError(raerror.CAInitFail, fmt.Errorf("error processing Certificate Bundle for Kubernetes RA")) } istioRA := &KubernetesRA{ csrInterface: raOpts.K8sClient,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 02 14:34:38 UTC 2023 - 7.2K bytes - Viewed (0) -
security/pkg/pki/ca/ca_test.go
} if caSecret.Data[PrivateKeyFile] != nil { t.Fatalf("Private key should be nil but got %v", caSecret.Data[PrivateKeyFile]) } if !bytes.Equal(caSecret.Data[CACertFile], CertPem) { t.Fatalf("CA cert does not match, want %v got %v", CertPem, caSecret.Data[CACertFile]) } if !bytes.Equal(caSecret.Data[CAPrivateKeyFile], KeyPem) { t.Fatalf("CA cert does not match, want %v got %v", KeyPem, caSecret.Data[CAPrivateKeyFile]) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 31 08:51:27 UTC 2023 - 29.1K bytes - Viewed (0) -
pkg/test/echo/proto/echo.proto
string caCert = 12; // If non-empty, make the request with the corresponding cert and key file. string certFile = 16; string keyFile = 17; // If non-empty, verify the server CA with the ca cert file. string caCertFile = 18; // Skip verifying peer's certificate. bool insecureSkipVerify = 19; // List of ALPNs to present. If not set, this will be automatically be set based on the protocol Alpn alpn = 13;
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jan 31 17:42:23 UTC 2023 - 3.8K bytes - Viewed (0) -
tests/integration/ambient/cacert_rotation_test.go
} return nil } func getX509FromFile(t framework.TestContext, caCertFile string) *x509.Certificate { certBytes, err := cert.ReadSampleCertFromFile(caCertFile) if err != nil { t.Errorf("failed to read %s file: %v", caCertFile, err) } return parseCert(t, certBytes) } func parseCert(t framework.TestContext, certBytes []byte) *x509.Certificate {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 16 03:28:36 UTC 2024 - 6.1K bytes - Viewed (0)