- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 37 for certRoot (0.16 sec)
-
security/pkg/nodeagent/cache/secretcache.go
} type secretCache struct { mu sync.RWMutex workload *security.SecretItem certRoot []byte } // GetRoot returns cached root cert and cert expiration time. This method is thread safe. func (s *secretCache) GetRoot() (rootCert []byte) { s.mu.RLock() defer s.mu.RUnlock() return s.certRoot } // SetRoot sets root cert into cache. This method is thread safe.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 04 08:29:46 UTC 2024 - 28.2K bytes - Viewed (0) -
pilot/pkg/grpc/tls.go
} func getRootCertificate(rootCertFile string) (*x509.CertPool, error) { var certPool *x509.CertPool var rootCert []byte var err error if rootCertFile != "" { rootCert, err = os.ReadFile(rootCertFile) if err != nil { return nil, err } certPool = x509.NewCertPool() ok := certPool.AppendCertsFromPEM(rootCert) if !ok {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Mar 28 22:11:02 UTC 2024 - 2.9K bytes - Viewed (0) -
src/crypto/x509/root.go
// See go.dev/issue/67401. // //go:linkname systemRoots var ( once sync.Once systemRootsMu sync.RWMutex systemRoots *CertPool systemRootsErr error fallbacksSet bool ) func systemRootsPool() *CertPool { once.Do(initSystemRoots) systemRootsMu.RLock() defer systemRootsMu.RUnlock() return systemRoots } func initSystemRoots() { systemRootsMu.Lock()
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Wed May 29 17:58:53 UTC 2024 - 2.3K bytes - Viewed (0) -
pkg/test/framework/components/istio/ca.go
func newCitadelClient(endpoint string, rootCert []byte) (pb.IstioCertificateServiceClient, error) { certPool := x509.NewCertPool() ok := certPool.AppendCertsFromPEM(rootCert) if !ok { return nil, fmt.Errorf("failed to append certificates") } config := tls.Config{ RootCAs: certPool, InsecureSkipVerify: true, // nolint: gosec // test only code } transportCreds := credentials.NewTLS(&config)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Mar 27 16:59:05 UTC 2024 - 4.5K bytes - Viewed (0) -
pkg/spiffe/spiffe.go
type PeerCertVerifier struct { generalCertPool *x509.CertPool certPools map[string]*x509.CertPool } // NewPeerCertVerifier returns a new PeerCertVerifier. func NewPeerCertVerifier() *PeerCertVerifier { return &PeerCertVerifier{ generalCertPool: x509.NewCertPool(), certPools: make(map[string]*x509.CertPool), } }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 11.1K bytes - Viewed (0) -
istioctl/pkg/kubeinject/kubeinject.go
var address string if cc.URL != nil { address = *cc.URL } var certPool *x509.CertPool if len(cc.CABundle) > 0 { certPool = x509.NewCertPool() certPool.AppendCertsFromPEM(cc.CABundle) } else { var err error certPool, err = x509.SystemCertPool() if err != nil { return nil, err } } tlsClientConfig := &tls.Config{RootCAs: certPool, MinVersion: tls.VersionTLS12} client := http.Client{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Mar 29 02:29:02 UTC 2024 - 21.6K bytes - Viewed (0) -
pilot/pkg/trustbundle/trustbundle.go
endpointUpdateChan chan struct{} remoteCaCertPool *x509.CertPool meshConfig mesh.Watcher } var ( trustBundleLog = log.RegisterScope("trustBundle", "Workload mTLS trust bundle logs") remoteTimeout = 10 * time.Second ) // NewTrustBundle returns a new trustbundle func NewTrustBundle(remoteCaCertPool *x509.CertPool, meshConfig mesh.Watcher) *TrustBundle { var err error tb := &TrustBundle{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 7.8K bytes - Viewed (0) -
src/net/http/httptest/server.go
if err != nil { panic(fmt.Sprintf("httptest: NewTLSServer: %v", err)) } certpool := x509.NewCertPool() certpool.AddCert(s.certificate) s.client.Transport = &http.Transport{ TLSClientConfig: &tls.Config{ RootCAs: certpool, }, ForceAttemptHTTP2: s.EnableHTTP2, } s.Listener = tls.NewListener(s.Listener, s.TLS)
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Fri May 10 17:26:10 UTC 2024 - 10.7K bytes - Viewed (0) -
internal/config/etcd/etcd.go
func Enabled(kvs config.KVS) bool { endpoints := kvs.Get(Endpoints) return endpoints != "" } // LookupConfig - Initialize new etcd config. func LookupConfig(kvs config.KVS, rootCAs *x509.CertPool) (Config, error) { cfg := Config{} if err := config.CheckValidKeys(config.EtcdSubSys, kvs, DefaultKVS); err != nil { return cfg, err } endpoints := env.Get(EnvEtcdEndpoints, kvs.Get(Endpoints))
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 4.8K bytes - Viewed (0) -
internal/http/transports.go
LookupHost LookupHost // Custom lookupHost, is nil on containerized deployments. DialTimeout time.Duration // TLS Settings RootCAs *x509.CertPool CipherSuites []uint16 CurvePreferences []tls.CurveID // HTTP2 EnableHTTP2 bool // TCP Options TCPOptions TCPOptions }
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Fri May 24 23:05:23 UTC 2024 - 6K bytes - Viewed (0)