- Sort Score
- Result 10 results
- Languages All
Results 1 - 3 of 3 for USE_CACERTS_FOR_SELF_SIGNED_CA (0.29 sec)
-
pilot/pkg/features/security.go
Name: sa, }) } return res }() CertSignerDomain = env.Register("CERT_SIGNER_DOMAIN", "", "The cert signer domain info").Get() UseCacertsForSelfSignedCA = env.Register("USE_CACERTS_FOR_SELF_SIGNED_CA", false, "If enabled, istiod will use a secret named cacerts to store its self-signed istio-"+ "generated root certificate.").Get()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sat Jan 13 03:50:59 UTC 2024 - 3.1K bytes - Viewed (0) -
pilot/pkg/bootstrap/certcontroller.go
istioGenerated = true } } // check if signing key file exists the cert dir and if the istio-generated file // exists (only if USE_CACERTS_FOR_SELF_SIGNED_CA is enabled) if !detectedSigningCABundle { log.Infof("Use roots from istio-ca-secret") caBundle = s.CA.GetCAKeyCertBundle().GetRootCertPem()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 11.3K bytes - Viewed (0) -
pilot/pkg/bootstrap/istio_ca.go
if features.UseCacertsForSelfSignedCA && istioGenerated { log.Infof("IstioGenerated %s secret found, use it as the CA certificate", ca.CACertsSecret) // TODO(jaellio): Currently, when the USE_CACERTS_FOR_SELF_SIGNED_CA flag is true istiod // handles loading and updating the "cacerts" secret with the "istio-generated" key the // same way it handles the "istio-ca-secret" secret. Isitod utilizes a secret watch instead
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 20.6K bytes - Viewed (0)