- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 11 for GetRootCertPem (0.45 sec)
-
pilot/pkg/bootstrap/certcontroller.go
func (s *Server) watchRootCertAndGenKeyCert(stop <-chan struct{}) { caBundle := s.CA.GetCAKeyCertBundle().GetRootCertPem() for { if !sleep.Until(stop, rootCertPollingInterval) { return } newRootCert := s.CA.GetCAKeyCertBundle().GetRootCertPem() if !bytes.Equal(caBundle, newRootCert) { caBundle = newRootCert
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 11.3K bytes - Viewed (0) -
security/pkg/pki/util/keycertbundle.go
func (b *KeyCertBundle) GetCertChainPem() []byte { b.mutex.RLock() defer b.mutex.RUnlock() return copyBytes(b.certChainBytes) } // GetRootCertPem returns the root certificate PEM. func (b *KeyCertBundle) GetRootCertPem() []byte { b.mutex.RLock() defer b.mutex.RUnlock() return copyBytes(b.rootCertBytes) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Jan 21 06:07:50 UTC 2024 - 10.5K bytes - Viewed (0) -
security/pkg/pki/ca/selfsignedcarootcertrotator_test.go
// key cert bundle. if bytes.Equal(oldRootCert, rotator.ca.keyCertBundle.GetRootCertPem()) { t.Error("root cert in key cert bundle should be different after rotation.") } if !bytes.Equal(certItem1.caSecret.Data[CACertFile], rotator.ca.keyCertBundle.GetRootCertPem()) { t.Error("root cert in key cert bundle should be the same as root " + "cert in istio-ca-secret after root cert rotation.")
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Oct 11 23:33:41 UTC 2023 - 14.1K bytes - Viewed (0) -
security/pkg/server/ca/server.go
serverCaLog.Errorf("failed to extract root cert expiry timestamp (error %v)", err) } rootCertExpiryTimestamp.Record(rootCertExpiry) rootCertPem, err := util.ParsePemEncodedCertificate(keyCertBundle.GetRootCertPem()) if err != nil { serverCaLog.Errorf("failed to parse the root cert: %v", err) } rootCertExpirySeconds.ValueFrom(func() float64 { return time.Until(rootCertPem.NotAfter).Seconds() })
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/mock/mockcaclient.go
c.GeneratedCerts = append(c.GeneratedCerts, ret) return ret, nil } func (c *CAClient) GetRootCertBundle() ([]string, error) { if c.mockTrustAnchor { rootCertBytes := c.bundle.GetRootCertPem() return []string{string(rootCertBytes)}, nil } return []string{}, nil
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 3K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra.go
} respCertChain := []string{string(cert)} var possibleRootCert, rootCertFromMeshConfig, rootCertFromCertChain []byte certSigner := r.certSignerDomain + "/" + certOpts.CertSigner if len(r.GetCAKeyCertBundle().GetRootCertPem()) == 0 { rootCertFromCertChain, err = util.FindRootCertFromCertificateChainBytes(cert) if err != nil { pkiRaLog.Infof("failed to find root cert from signed cert-chain (%v)", err.Error()) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 02 14:34:38 UTC 2023 - 7.2K bytes - Viewed (0) -
security/pkg/pki/ca/selfsignedcarootcertrotator.go
return } oldCaCert := caSecret.Data[CACertFile] oldCaPrivateKey := caSecret.Data[CAPrivateKeyFile] oldRootCerts := rotator.ca.GetCAKeyCertBundle().GetRootCertPem() if rollback, err := rotator.updateRootCertificate(caSecret, true, pemCert, pemKey, pemRootCerts); err != nil { if !rollback { rootCertRotatorLog.Errorf("Failed to roll forward root certificate (error: %s). "+
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 10.4K bytes - Viewed (0) -
pilot/pkg/bootstrap/server.go
rootCertBytes = append(rootCertBytes, caBundle...) } else { rootCertBytes = append(rootCertBytes, s.RA.GetCAKeyCertBundle().GetRootCertPem()...) } } if s.CA != nil { rootCertBytes = append(rootCertBytes, s.CA.GetCAKeyCertBundle().GetRootCertPem()...) } } if len(rootCertBytes) != 0 {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 46.3K bytes - Viewed (0) -
security/pkg/pki/util/keycertbundle_test.go
t.Errorf("%s: rootCertBytes should not be empty", id) } chain = bundle.GetCertChainPem() if len(chain) != 0 { t.Errorf("%s: certChainBytes should be empty", id) } root = bundle.GetRootCertPem() if len(root) == 0 { t.Errorf("%s: rootCertBytes should not be empty", id) } x509Cert, privKey, chain, root := bundle.GetAll() if x509Cert != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Jan 21 06:07:50 UTC 2024 - 15.8K bytes - Viewed (0) -
pilot/pkg/bootstrap/istio_ca.go
// and generates new dns certs. func handleEvent(s *Server) { log.Info("Update Istiod cacerts") var newCABundle []byte var err error currentCABundle := s.CA.GetCAKeyCertBundle().GetRootCertPem() fileBundle, err := detectSigningCABundle() if err != nil { log.Errorf("unable to determine signing file format %v", err) return } newCABundle, err = os.ReadFile(fileBundle.RootCertFile)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 20.6K bytes - Viewed (0)