Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 763 for certChain (0.37 sec)

  2. github.com/istio/istio

    security/pkg/server/ca/server_test.go 

    			if len(response.CertChain) != len(c.certChain) {
				t.Errorf("Case %s: expecting cert chain length to be (%d) but got (%d)",
					id, len(c.certChain), len(response.CertChain))
			}
			for i, v := range response.CertChain {
				if v != c.certChain[i] {
					t.Errorf("Case %s: expecting cert to be (%s) but got (%s) at position [%d] of cert chain.",
						id, c.certChain, v, i)
				}
			}

		}
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Feb 28 16:41:38 UTC 2024
    - 15.8K bytes
    - Viewed (0)
  3. github.com/istio/istio

    tests/fuzz/security_fuzzer.go 

    	certChain := [][]*x509.Certificate{}
	withPkixExtension, err := f.GetBool()
	if err != nil {
		return certChain, err
	}
	if withPkixExtension {
		ids := []util.Identity{}
		err := f.GenerateStruct(&ids)
		if err != nil {
			return certChain, err
		}
		sanExt, err := util.BuildSANExtension(ids)
		if err != nil {
			return certChain, err
		}
		certChain = [][]*x509.Certificate{
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Feb 28 16:41:38 UTC 2024
    - 3.2K bytes
    - Viewed (0)
  4. github.com/istio/istio

    security/pkg/server/ca/authenticate/cert_authenticator_test.go 

    	}

	testCases := map[string]struct {
		certChain          [][]*x509.Certificate
		caller             *security.Caller
		authenticateErrMsg string
		fakeAuthInfo       *mockAuthInfo
	}{
		"No client certificate": {
			certChain:          nil,
			caller:             nil,
			authenticateErrMsg: "no client certificate is presented",
		},
		"Unsupported auth type": {
			certChain:          nil,
			caller:             nil,
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Jan 05 01:20:59 UTC 2024
    - 3.2K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pkg/test/framework/components/istio/ca.go 

    	resp, err := client.CreateCertificate(rctx, req)
	if err != nil {
		return Cert{}, fmt.Errorf("send CSR: %v", err)
	}
	certChain := []byte{}
	for _, c := range resp.CertChain {
		certChain = append(certChain, []byte(c)...)
	}
	return Cert{certChain, keyPEM, []byte(rootCert)}, nil
}

// 7 days
var saTokenExpiration int64 = 60 * 60 * 24 * 7
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Mar 27 16:59:05 UTC 2024
    - 4.5K bytes
    - Viewed (0)
  6. github.com/istio/istio

    security/pkg/pki/util/verify_cert_test.go 

    		},
		"Failed to verify key": {
			privPem:        []byte(keyBad),
			certChainPem:   []byte(certChain),
			rootCertPem:    []byte(rootCert),
			expectedFields: verifyField2,
			expectedErr:    "invalid PEM-encoded key",
		},
		"Failed to match key/cert": {
			privPem:        []byte(keyMismatch),
			certChainPem:   []byte(certChain),
			rootCertPem:    []byte(rootCert),
			expectedFields: verifyField2,
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Aug 16 14:56:37 UTC 2022
    - 6.5K bytes
    - Viewed (0)
  7. github.com/istio/istio

    pilot/pkg/bootstrap/certcontroller.go 

    		if !bytes.Equal(caBundle, newRootCert) {
			caBundle = newRootCert
			certChain, keyPEM, err := s.CA.GenKeyCert(s.dnsNames, SelfSignedCACertTTL.Get(), false)
			if err != nil {
				log.Errorf("failed generating istiod key cert %v", err)
			} else {
				s.istiodCertBundleWatcher.SetAndNotify(keyPEM, certChain, caBundle)
				log.Infof("regenerated istiod dns cert: %s", certChain)
			}
		}
	}
}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Jun 13 17:48:28 UTC 2024
    - 11.3K bytes
    - Viewed (0)
  8. github.com/istio/istio

    security/pkg/pki/ra/k8s_ra_test.go 

    			certChain:    path.Join(env.IstioSrc, "samples/certs", "leaf-workload-foo-cert.pem"),
			expectedFail: true,
		},
	}
	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			csrPEM := createFakeCsr(t)
			certChainPem, err := os.ReadFile(tc.certChain)
			if err != nil {
				t.Errorf("Failed to read sample %s", tc.certChain)
			}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Sep 27 00:44:54 UTC 2023
    - 9.7K bytes
    - Viewed (0)
  9. github.com/istio/istio

    tests/integration/ambient/cacert_rotation_test.go 

    		if err != nil {
			t.Logf("failed to get current workload secret: %v", err)
			return false
		}

		// retry when workload cert is not updated
		if originalCert.CertChain[0].ValidFrom != updatedCert.CertChain[0].ValidFrom {
			newSecret = updatedCert
			t.Logf("workload cert is updated")
			return true
		}

		return false
	}, retry.Timeout(5*time.Minute), retry.Delay(10*time.Second))
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Apr 16 03:28:36 UTC 2024
    - 6.1K bytes
    - Viewed (0)
  10. github.com/istio/istio

    samples/certs/generate-workload.sh 

    cp "$FINAL_DIR/leaf-workload-$sa-cert.pem" "$FINAL_DIR/workload-$sa-cert.pem"
cat "$certchain" >> "$FINAL_DIR/workload-$sa-cert.pem"
cp "$certchain" "$FINAL_DIR/workload-$sa-root-certs.pem"
cat "$rootcert" >> "$FINAL_DIR/workload-$sa-root-certs.pem"

echo "Generated workload-$sa-[cert|key].pem with URI SAN $san"
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Feb 07 23:57:35 UTC 2023
    - 3.2K bytes
    - Viewed (0)
  11. github.com/istio/istio

    istioctl/pkg/writer/ztunnel/configdump/certificates.go 

    			secret.State = "Unavailable"
		}
		if len(secret.CertChain) == 0 {
			fmt.Fprintf(w, "%v\t%v\t%v\t%v\t%v\t%v\t%v\n",
				secret.Identity, valueOrNA(""), secret.State, false, valueOrNA(""), valueOrNA(""), valueOrNA(""))
		} else {
			for i, ca := range secret.CertChain {
				t := "Intermediate"
				if i == 0 {
					t = "Leaf"
				} else if i == len(secret.CertChain)-1 {
					t = "Root"
				}
				n := new(big.Int)
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Apr 25 16:38:16 UTC 2024
    - 3.2K bytes
    - Viewed (0)
Back to top