- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 763 for certChain (0.16 sec)
-
pkg/test/cert/ca/intermediate.go
} // Create the cert chain by concatenating the intermediate and root certs. certChain := caCert + rootCert return &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: "cacerts", }, Data: map[string][]byte{ "ca-cert.pem": []byte(caCert), "ca-key.pem": []byte(caKey), "cert-chain.pem": []byte(certChain), "root-cert.pem": []byte(rootCert), }, }, nil
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 03 08:41:32 UTC 2022 - 3.9K bytes - Viewed (0) -
security/pkg/nodeagent/test/mock/caserver.go
return nil, status.Error(codes.Unavailable, "CA server is not available") } if s.sendEmpty() { caServerLog.Info("force sending empty cert chain in CSR response") response := &pb.IstioCertificateResponse{ CertChain: []string{}, } return response, nil } id := []string{"client-identity"} if len(s.Authenticators) > 0 { caller, err := security.Authenticate(ctx, s.Authenticators) if caller == nil || err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 5.9K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/citadel/client_test.go
if caller == nil { return nil, status.Error(codes.Unauthenticated, err.Error()) } } if ca.Err == nil { return &pb.IstioCertificateResponse{CertChain: ca.Certs}, nil } return nil, ca.Err } func tlsOptions(t *testing.T) grpc.ServerOption { t.Helper() cert, err := tls.LoadX509KeyPair(
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 24 21:03:23 UTC 2024 - 11.8K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra.go
cert.UsageKeyEncipherment, cert.UsageServerAuth, cert.UsageClientAuth, } certChain, _, err := chiron.SignCSRK8s(r.csrInterface, csrPEM, certSigner, usages, "", caCertFile, true, false, requestedLifetime) if err != nil { return nil, raerror.NewError(raerror.CertGenError, err) } return certChain, err } // Sign takes a PEM-encoded CSR and cert opts, and returns a certificate signed by k8s CA.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 02 14:34:38 UTC 2023 - 7.2K bytes - Viewed (0) -
istioctl/pkg/writer/ztunnel/configdump/testdata/dump.json
{ "identity": "spiffe://cluster.local/ns/istio-system/sa/ztunnel", "state": "Initializing", "certChain": [] }, { "identity": "spiffe://cluster.local/ns/istio-system/sa/another-sa", "state": "Unavailable: the identity is no longer needed", "certChain": [] }, { "identity": "spiffe://cluster.local/ns/istio-system/sa/istiod",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Apr 16 03:28:36 UTC 2024 - 33.1K bytes - Viewed (0) -
security/pkg/pki/ca/ca_test.go
t.Errorf("NewSelfSignedIstioCAOptions got unexpected error: %v", err) } cert, privateKey, certChain, rootCert := caOpts.KeyCertBundle.GetAllPem() if !bytes.Equal(cert, rootCert) { t.Error("Root cert and cert do not match") } // self signed certs do not contain cert chain if len(certChain) > 0 { t.Error("Cert chain should not exist") } rootCertCh <- rootCert
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 31 08:51:27 UTC 2023 - 29.1K bytes - Viewed (0) -
security/pkg/server/ca/server.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
security/pkg/pki/ca/ca.go
// Adds the "istio-generated" key if the secret name is `cacerts`. func BuildSecret(scrtName, namespace string, certChain, privateKey, rootCert, caCert, caPrivateKey []byte, secretType v1.SecretType) *v1.Secret { secret := &v1.Secret{ Data: map[string][]byte{ CertChainFile: certChain, PrivateKeyFile: privateKey, RootCertFile: rootCert, CACertFile: caCert, CAPrivateKeyFile: caPrivateKey,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 17.2K bytes - Viewed (0) -
security/pkg/pki/util/keycertbundle.go
// KeyCertBundle stores the cert, private key, cert chain and root cert for an entity. It is thread safe. // The cert and privKey should be a public/private key pair. // The cert should be verifiable from the rootCert through the certChain. // cert and priveKey are pointers to the cert/key parsed from certBytes/privKeyBytes. type KeyCertBundle struct { certBytes []byte cert *x509.Certificate privKeyBytes []byte
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Jan 21 06:07:50 UTC 2024 - 10.5K bytes - Viewed (0) -
security/pkg/nodeagent/cache/secretcache_test.go
rootResource := security.RootCertReqResourceName if sds { workloadResource = sc.existingCertificateFile.GetResourceName() rootResource = sc.existingCertificateFile.GetRootResourceName() } certchain, err := os.ReadFile(sc.existingCertificateFile.CertificatePath) if err != nil { t.Fatalf("Error reading the cert chain file: %v", err) } privateKey, err := os.ReadFile(sc.existingCertificateFile.PrivateKeyPath)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 23.9K bytes - Viewed (0)