Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 60 for rootCert (0.15 sec)

  2. github.com/istio/istio

    security/pkg/nodeagent/cache/secretcache_test.go 

    	if expectedSecret.ResourceName == security.RootCertReqResourceName || (ok && cfg.IsRootCertificate()) {
		if !bytes.Equal(expectedSecret.RootCert, gotSecret.RootCert) {
			t.Fatalf("root cert: expected %v but got %v", expectedSecret.RootCert,
				gotSecret.RootCert)
		}
	} else {
		if !bytes.Equal(expectedSecret.CertificateChain, gotSecret.CertificateChain) {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu May 16 22:12:28 UTC 2024
    - 23.9K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pilot/pkg/grpc/tls.go 

    // TLSOptions include TLS options that a grpc client uses to connect with server.
type TLSOptions struct {
	RootCert      string
	Key           string
	Cert          string
	ServerAddress string
	SAN           string
}

func getTLSDialOption(opts *TLSOptions) (grpc.DialOption, error) {
	rootCert, err := getRootCertificate(opts.RootCert)
	if err != nil {
		return nil, err
	}
	config := tls.Config{
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Mar 28 22:11:02 UTC 2024
    - 2.9K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pkg/istio-agent/plugins.go 

    	} else {
		tlsOpts = &citadel.TLSOptions{}
		tlsOpts.RootCert, err = a.FindRootCAForCA()
		if err != nil {
			return nil, fmt.Errorf("failed to find root CA cert for CA: %v", err)
		}

		if tlsOpts.RootCert == "" {
			log.Infof("Using CA %s cert with system certs", opts.CAEndpoint)
		} else if !fileExists(tlsOpts.RootCert) {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat May 11 03:32:57 UTC 2024
    - 2.7K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pkg/test/csrctrl/controllers/start_csrctrl.go 

    		}
		signersMap[signerName] = signer
		rootCert, rErr := os.ReadFile(signer.GetRootCerts())
		if rErr != nil {
			return nil, fmt.Errorf("unable to read root cert for signer %q: %v", signerName, err)
		}
		rootCertsForSigner := SignerRootCert{
			Signer:   signerName,
			Rootcert: string(rootCert),
		}
		rootCertSignerArr = append(rootCertSignerArr, rootCertsForSigner)
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue May 09 02:22:47 UTC 2023
    - 2K bytes
    - Viewed (0)
  6. github.com/istio/istio

    security/pkg/pki/ca/ca_test.go 

    	rootCert, err := util.ParsePemEncodedCertificate(rootCertBytes)
	if err != nil {
		t.Error(err)
	}
	// Root cert and siging cert are the same for self-signed CA.
	if !rootCert.Equal(signingCert) {
		t.Error("CA root cert does not match signing cert")
	}

	if ttl := rootCert.NotAfter.Sub(rootCert.NotBefore); ttl != caCertTTL {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Oct 31 08:51:27 UTC 2023
    - 29.1K bytes
    - Viewed (0)
  7. github.com/istio/istio

    pkg/test/framework/components/istio/ca.go 

    	"istio.io/istio/pkg/test/framework"
	pkiutil "istio.io/istio/security/pkg/pki/util"
)

type Cert struct {
	ClientCert, Key, RootCert []byte
}

func CreateCertificate(t framework.TestContext, i Instance, serviceAccount, namespace string) (Cert, error) {
	c := t.Clusters().Default()
	rootCert, err := FetchRootCert(c.Kube())
	if err != nil {
		return Cert{}, fmt.Errorf("failed to fetch root cert: %v", err)
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Mar 27 16:59:05 UTC 2024
    - 4.5K bytes
    - Viewed (0)
  8. github.com/istio/istio

    security/pkg/pki/util/verify_cert_test.go 

    			privPem:        nil,
			certChainPem:   []byte(certChainBad),
			rootCertPem:    []byte(rootCert),
			expectedFields: verifyField1,
			expectedErr:    "failed to parse certificate chain",
		},
		"Failed to verify cert chain": {
			privPem:        nil,
			certChainPem:   []byte(certChainNoRoot),
			rootCertPem:    []byte(rootCert),
			expectedFields: verifyField2,
			expectedErr:    "failed to verify certificate: x509:",
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Aug 16 14:56:37 UTC 2022
    - 6.5K bytes
    - Viewed (0)
  9. github.com/istio/istio

    security/pkg/pki/util/generate_csr.go 

    func AppendCertByte(pemCert []byte, rootCert []byte) []byte {
	rootCerts := []byte{}
	if len(pemCert) > 0 {
		// Copy the input certificate
		rootCerts = []byte(strings.TrimSuffix(string(pemCert), "\n") + "\n")
	}
	rootCerts = append(rootCerts, rootCert...)
	return rootCerts
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Nov 06 12:48:53 UTC 2023
    - 4.1K bytes
    - Viewed (0)
  10. github.com/istio/istio

    security/pkg/nodeagent/caclient/providers/citadel/client_test.go 

    			CredFetcher: plugin.CreateTokenPlugin("testdata/token"),
			ProvCert:    certDir,
		}
		rootCert := path.Join(certDir, constants.RootCertFilename)
		key := path.Join(certDir, constants.KeyFilename)
		cert := path.Join(certDir, constants.CertChainFilename)
		tlsOpts := &TLSOptions{
			RootCert: rootCert,
			Key:      key,
			Cert:     cert,
		}
		cli, err := NewCitadelClient(opts, tlsOpts)
		if err != nil {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Apr 24 21:03:23 UTC 2024
    - 11.8K bytes
    - Viewed (0)
  11. github.com/istio/istio

    pilot/pkg/bootstrap/istio_ca_test.go 

    }

func createCATLSSecret(t test.Failer, client kube.Client) {
	var caCert, caKey, rootCert []byte
	var err error
	if caCert, err = readSampleCertFromFile("ca-cert.pem"); err != nil {
		t.Fatal(err)
	}
	if caKey, err = readSampleCertFromFile("ca-key.pem"); err != nil {
		t.Fatal(err)
	}
	if rootCert, err = readSampleCertFromFile("root-cert.pem"); err != nil {
		t.Fatal(err)
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Oct 31 14:48:28 UTC 2023
    - 4.3K bytes
    - Viewed (0)
Back to top