- Sort Score
- Result 10 results
- Languages All
Results 1 - 6 of 6 for signWithCertChain (0.2 sec)
-
security/pkg/pki/ca/mock/fakeca.go
ca.ReceivedIDs = certOpts.SubjectIDs if ca.SignErr != nil { return nil, ca.SignErr } return ca.SignedCert, nil } // SignWithCertChain returns the SignErr if SignErr is not nil, otherwise, it returns SignedCert and the cert chain. func (ca *FakeCA) SignWithCertChain(csr []byte, certOpts ca.CertOpts) ([]string, error) { if ca.SignErr != nil { return nil, ca.SignErr } cert := ca.SignedCert
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 03 18:57:19 UTC 2021 - 2.1K bytes - Viewed (0) -
security/pkg/server/ca/server.go
type CertificateAuthority interface { // Sign generates a certificate for a workload or CA, from the given CSR and cert opts. Sign(csrPEM []byte, opts ca.CertOpts) ([]byte, error) // SignWithCertChain is similar to Sign but returns the leaf cert and the entire cert chain. SignWithCertChain(csrPEM []byte, opts ca.CertOpts) ([]string, error) // GetCAKeyCertBundle returns the KeyCertBundle used by CA. GetCAKeyCertBundle() *util.KeyCertBundle }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
security/pkg/pki/ca/ca.go
) { return ca.sign(csrPEM, certOpts.SubjectIDs, certOpts.TTL, true, certOpts.ForCA) } // SignWithCertChain is similar to Sign but returns the leaf cert and the entire cert chain. func (ca *IstioCA) SignWithCertChain(csrPEM []byte, certOpts CertOpts) ( []string, error, ) { cert, err := ca.signWithCertChain(csrPEM, certOpts.SubjectIDs, certOpts.TTL, true, certOpts.ForCA) if err != nil { return nil, err }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 17.2K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra.go
if err != nil { return nil, err } certSigner := certOpts.CertSigner return r.kubernetesSign(csrPEM, r.raOpts.CaCertFile, certSigner, certOpts.TTL) } // SignWithCertChain is similar to Sign but returns the leaf cert and the entire cert chain. // root cert comes from two sources, order matters: // 1. Specified in mesh config // 2. Extract from the cert-chain signed by the CSR signer.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 02 14:34:38 UTC 2023 - 7.2K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra_test.go
certOptions := ca.CertOpts{ SubjectIDs: []string{subjectID}, TTL: 60 * time.Second, ForCA: false, CertSigner: "kube-apiserver-client", } _, err = ra.SignWithCertChain(csrPEM, certOptions) if (tc.expectedFail && err == nil) || (!tc.expectedFail && err != nil) { t.Fatalf("expected failure: %t, got %v", tc.expectedFail, err) } if tc.updatedRootCertForMeshConfig != "" {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Sep 27 00:44:54 UTC 2023 - 9.7K bytes - Viewed (0) -
security/pkg/pki/ca/ca_test.go
if err != nil { t.Error(err) } caCertOpts := CertOpts{ SubjectIDs: []string{"localhost"}, TTL: time.Hour, ForCA: false, } certPEM, signErr := ca.signWithCertChain(csrPEM, caCertOpts.SubjectIDs, caCertOpts.TTL, true, caCertOpts.ForCA) if signErr != nil { t.Error(err) } cert, err := tls.X509KeyPair(certPEM, privPEM) if err != nil { t.Error(err) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 31 08:51:27 UTC 2023 - 29.1K bytes - Viewed (0)