- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 40 for IsCA (0.08 sec)
-
pkg/test/csrctrl/authority/policies.go
// - It sets allowed usages as configured in the policy. // - It sets NotAfter based on the TTL configured in the policy. // - It zeros all extensions. // - It sets BasicConstraints to true. // - It sets IsCA to false. type PermissiveSigningPolicy struct { // TTL is the certificate TTL. It's used to calculate the NotAfter value of // the certificate. TTL time.Duration // Usages are the allowed usages of a certificate.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 03 17:06:22 UTC 2022 - 4.5K bytes - Viewed (0) -
src/crypto/x509/boring_test.go
BasicConstraintsValid: true, } if mode&^boringCertFIPSOK == boringCertLeaf { tmpl.DNSNames = []string{"example.com"} } else { tmpl.IsCA = true tmpl.KeyUsage |= KeyUsageCertSign } var pcert *Certificate var pkey interface{} if parent != nil { pcert = parent.cert pkey = parent.key } else { pcert = tmpl pkey = key
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Thu Nov 17 17:38:47 UTC 2022 - 3.7K bytes - Viewed (0) -
pkg/controller/certificates/authority/policies.go
// signer. // // - It forwards all SANs from the original signing request. // - It sets allowed usages as configured in the policy. // - It zeros all extensions. // - It sets BasicConstraints to true. // - It sets IsCA to false. // - It validates that the signer has not expired. // - It sets NotBefore and NotAfter: // All certificates set NotBefore = Now() - Backdate. // Long-lived certificates set NotAfter = Now() + TTL - Backdate.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Jul 26 17:14:05 UTC 2022 - 5.7K bytes - Viewed (0) -
security/pkg/pki/util/keycertbundle.go
} if len(ids) != 1 { return nil, fmt.Errorf("expect single id from the cert, found %v", ids) } opts := &CertOptions{ Host: ids[0], Org: b.cert.Issuer.Organization[0], IsCA: b.cert.IsCA, TTL: b.cert.NotAfter.Sub(b.cert.NotBefore), IsDualUse: ids[0] == b.cert.Subject.CommonName, } switch (*b.privKey).(type) { case *rsa.PrivateKey: size, err := GetRSAKeySize(*b.privKey)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Jan 21 06:07:50 UTC 2024 - 10.5K bytes - Viewed (0) -
src/crypto/x509/hybrid_pool_test.go
} googChain := c.ConnectionState().PeerCertificates rootTmpl := &x509.Certificate{ SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Go test root"}, IsCA: true, BasicConstraintsValid: true, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour * 10), } k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Mon Feb 26 20:48:11 UTC 2024 - 3.7K bytes - Viewed (0) -
src/crypto/x509/x509.go
UnknownExtKeyUsage []asn1.ObjectIdentifier // Encountered extended key usages unknown to this package. // BasicConstraintsValid indicates whether IsCA, MaxPathLen, // and MaxPathLenZero are valid. BasicConstraintsValid bool IsCA bool // MaxPathLen and MaxPathLenZero indicate the presence and // value of the BasicConstraints' "pathLenConstraint". //
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Wed May 22 09:20:15 UTC 2024 - 82K bytes - Viewed (0) -
cmd/kubeadm/app/util/pkiutil/pki_helpers.go
NotBefore: notBefore, NotAfter: notAfter, KeyUsage: keyUsage, ExtKeyUsage: cfg.Usages, BasicConstraintsValid: true, IsCA: isCA, } certDERBytes, err := x509.CreateCertificate(cryptorand.Reader, &certTmpl, caCert, key.Public(), caKey) if err != nil { return nil, err } return x509.ParseCertificate(certDERBytes) }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 01 16:01:49 UTC 2024 - 25.5K bytes - Viewed (0) -
cmd/kubeadm/app/phases/certs/certs.go
} // Validate period CheckCertificatePeriodValidity(baseName, caCert) // Make sure the loaded CA cert actually is a CA if !caCert.IsCA { return nil, nil, errors.Errorf("%s certificate is not a certificate authority", baseName) } return caCert, caKey, nil }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Dec 05 10:17:14 UTC 2023 - 19.4K bytes - Viewed (0) -
security/pkg/pki/ca/ca.go
pkiCaLog.Infof("CASecret %s not found, will create one", caCertName) options := util.CertOptions{ TTL: caCertTTL, Org: org, IsCA: true, IsSelfSigned: true, RSAKeySize: caRSAKeySize, IsDualUse: dualUse, } pemCert, pemKey, ckErr := util.GenCertKeyFromOptions(options) if ckErr != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 17.2K bytes - Viewed (0) -
istioctl/pkg/writer/compare/sds/util.go
return SecretMeta{}, fmt.Errorf("failed to parse certificate PEM") } cert, err := x509.ParseCertificate(block.Bytes) if err != nil { return SecretMeta{}, err } var certType string if cert.IsCA { certType = "CA" } else { certType = "Cert Chain" } today := time.Now() return SecretMeta{ SerialNumber: fmt.Sprintf("%x", cert.SerialNumber),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jun 06 15:14:48 UTC 2023 - 6.6K bytes - Viewed (0)