- Sort Score
- Result 10 results
- Languages All
Results 171 - 180 of 344 for ca (0.07 sec)
-
istioctl/pkg/xds/client.go
) const ( // defaultExpirationSeconds is how long-lived a token to request (an hour) defaultExpirationSeconds = 60 * 60 ) // Audience to create tokens for var tokenAudiences = []string{"istio-ca"} // GetXdsResponse opens a gRPC connection to opts.xds and waits for a single response func GetXdsResponse(dr *discovery.DiscoveryRequest, ns string, serviceAccount string, opts clioptions.CentralControlPlaneOptions,
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Tue Dec 19 22:42:42 UTC 2023 - 3.7K bytes - Viewed (0) -
cni/pkg/install/kubeconfig.go
} if cfg.SkipTLSVerify { // User explicitly opted into insecure. cluster.InsecureSkipTLSVerify = true } else { caFile := model.GetOrDefault(cfg.KubeCAFile, cfg.K8sServiceAccountPath+"/ca.crt") caContents, err := os.ReadFile(caFile) if err != nil { return kubeconfig{}, err } cluster.CertificateAuthorityData = caContents } token, err := os.ReadFile(cfg.K8sServiceAccountPath + "/token")
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Aug 01 18:38:14 UTC 2024 - 4K bytes - Viewed (0) -
docs/sts/client_grants/__init__.py
sts_ep='http://localhost:9000'): self.cid = cid self.csec = csec self.idp_ep = idp_ep self.sts_ep = sts_ep # Load CA certificates from SSL_CERT_FILE file if set ca_certs = os.environ.get('SSL_CERT_FILE') if not ca_certs: ca_certs = certifi.where() self._http = urllib3.PoolManager(
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Apr 23 18:58:53 UTC 2021 - 4.6K bytes - Viewed (0) -
manifests/charts/README.md
- Better security: separate Istio components reside in different namespaces, allowing different teams or roles to manage different parts of Istio. For example, a security team would maintain the root CA and policy, a telemetry team may only have access to Prometheus, and a different team may maintain the control plane components (which are highly security sensitive).
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Oct 31 16:56:50 UTC 2024 - 7.4K bytes - Viewed (0) -
common-protos/k8s.io/api/certificates/v1alpha1/generated.proto
// // The data must consist only of PEM certificate blocks that parse as valid // X.509 certificates. Each certificate must include a basic constraints // extension with the CA bit set. The API server will reject objects that // contain duplicate certificates, or that use PEM block headers. // // Users of ClusterTrustBundles, including Kubelet, are free to reorder and
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Mon Mar 11 18:43:24 UTC 2024 - 4.2K bytes - Viewed (0) -
istioctl/pkg/writer/ztunnel/configdump/configdump.go
func (c *ConfigWriter) PrintVersionSummary() error { // TODO return nil } // PrintPodRootCAFromDynamicSecretDump prints just pod's root ca from dynamic secret config dump to the ConfigWriter stdout func (c *ConfigWriter) PrintPodRootCAFromDynamicSecretDump() (string, error) { // TODO return "", nil }
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Jun 06 20:18:34 UTC 2024 - 3.9K bytes - Viewed (0) -
cni/pkg/config/config.go
// Logging level for the CNI plugin // Since it runs out-of-process, it has to be separately configured PluginLogLevel string // The file mode to set when creating the kubeconfig file KubeconfigMode int // CA file for kubeconfig KubeCAFile string // Whether to use insecure TLS in the kubeconfig file SkipTLSVerify bool // Comma-separated list of K8S namespaces that CNI should ignore ExcludeNamespaces string
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Fri Aug 16 15:33:47 UTC 2024 - 5.7K bytes - Viewed (0) -
common-protos/k8s.io/api/certificates/v1/generated.proto
// // Custom signerNames can also be specified. The signer defines: // 1. Trust distribution: how trust (CA bundles) are distributed. // 2. Permitted subjects: and behavior when a disallowed subject is requested.
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Mon Mar 11 18:43:24 UTC 2024 - 11.6K bytes - Viewed (0) -
okhttp/src/main/kotlin/okhttp3/CertificatePinner.kt
* sha256/klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=: CN=COMODO RSA Secure Server CA * sha256/grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=: CN=COMODO RSA Certification Authority * sha256/lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU=: CN=AddTrust External CA Root * Pinned certificates for publicobject.com: * sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
Registered: Fri Nov 01 11:42:11 UTC 2024 - Last Modified: Mon Jan 08 01:13:22 UTC 2024 - 14.2K bytes - Viewed (0) -
helm-releases/minio-2.0.1.tgz
needs to be trusted. For instance, given that TLS is enabled and you need to add trust for Minio's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=keycloak.crt ``` The name of...
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Aug 31 09:09:09 UTC 2021 - 13.6K bytes - Viewed (0)