- Sort Score
- Result 10 results
- Languages All
Results 61 - 70 of 105 for san (0.06 sec)
-
tests/integration/security/util/framework.go
RootCert: mustReadCert("root-cert.pem"), ClientCert: mustReadCert("cert-chain.pem"), Key: mustReadCert("key.pem"), // Override hostname to match the SAN in the cert we are using Hostname: "server.default.svc", }, Subsets: []echo.SubsetConfig{{ Version: "v1", Annotations: map[string]string{annotation.SidecarInject.Name: "false"}, }}, }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 8.4K bytes - Viewed (0) -
pilot/cmd/pilot-agent/options/options.go
// ProvCert is the environment controlling the use of pre-provisioned certs, for VMs. // May also be used in K8S to use a Secret to bootstrap (as a 'refresh key'), but use short-lived tokens // with extra SAN (labels, etc) in data path. provCert = env.Register("PROV_CERT", "", "Set to a directory containing provisioned certs, for VMs").Get() // set to "SYSTEM" for ACME/public signed XDS servers.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jan 09 19:21:50 UTC 2024 - 8.1K bytes - Viewed (0) -
subprojects/core/src/test/groovy/org/gradle/util/internal/NameMatcherTest.groovy
doesNotMatch("name") doesNotMatch("name", "other") doesNotMatch("name", "na") doesNotMatch("sN", "otherName") doesNotMatch("sA", "someThing") doesNotMatch("soN", "saN") doesNotMatch("soN", "saName") } def "does not select items when multiple camel case matches"() { expect: matcher.find("sN", ["someName", "soNa", "other"]) == null }
Registered: Wed Jun 12 18:38:38 UTC 2024 - Last Modified: Mon Sep 05 22:49:56 UTC 2022 - 7.8K bytes - Viewed (0) -
pilot/pkg/xds/cds_test.go
sans: nil, }, { name: "Kubernetes service and NONE ServiceEntry", objs: []runtime.Object{service, pod, endpoint}, configs: []config.Config{dr, seNONE}, // Service properly sets SAN. Since it's not external, we do not add the SANs automatically though sans: nil, }, { name: "Kubernetes service and EDS ServiceEntry ISTIO_MUTUAL", objs: []runtime.Object{service, pod, endpoint},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 01 02:06:39 UTC 2024 - 9.2K bytes - Viewed (0) -
pkg/security/security.go
// Client interface defines the clients need to implement to talk to CA for CSR. // The Agent will create a key pair and a CSR, and use an implementation of this // interface to get back a signed certificate. There is no guarantee that the SAN // in the request will be returned - server may replace it. type Client interface { CSRSign(csrPEM []byte, certValidTTLInSec int64) ([]string, error) Close()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0) -
src/crypto/x509/x509_test.go
} if !reflect.DeepEqual(cert.DNSNames, template.DNSNames) { t.Errorf("%s: SAN DNS names differ from template. Got %v, want %v", test.name, cert.DNSNames, template.DNSNames) } if !reflect.DeepEqual(cert.EmailAddresses, template.EmailAddresses) { t.Errorf("%s: SAN emails differ from template. Got %v, want %v", test.name, cert.EmailAddresses, template.EmailAddresses) }
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Wed May 22 21:00:16 UTC 2024 - 163.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/conversion.go
func kubeToIstioServiceAccount(saname string, ns string, mesh *meshconfig.MeshConfig) string { return spiffe.MustGenSpiffeURI(mesh, ns, saname) } // SecureNamingSAN creates the secure naming used for SAN verification from pod metadata func SecureNamingSAN(pod *corev1.Pod, mesh *meshconfig.MeshConfig) string { return spiffe.MustGenSpiffeURI(mesh, pod.Namespace, pod.Spec.ServiceAccountName) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 9.4K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/util/webhook/webhook_test.go
serverCert: serverCert, serverKey: serverKey, errRegex: errSignedByUnknownCA, }, { // this will fail when GODEBUG is set to x509ignoreCN=0 with // expected err, but the SAN counter gets increased test: "server cert does not have SAN extension", clientCA: caCert, serverCert: serverCertNoSAN, serverKey: serverKey, errRegex: "x509: certificate relies on legacy Common Name field",
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Jun 29 15:48:39 UTC 2023 - 25.8K bytes - Viewed (0) -
pilot/pkg/security/model/authentication_test.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Feb 20 22:39:21 UTC 2024 - 18.9K bytes - Viewed (0) -
cmd/kubeadm/app/cmd/phases/init/certs.go
options.NetworkingDNSDomain, options.NetworkingServiceSubnet, ) } return flags } func getSANDescription(certSpec *certsphase.KubeadmCert) string { // Defaulted config we will use to get SAN certs defaultConfig := &kubeadmapiv1.InitConfiguration{ LocalAPIEndpoint: kubeadmapiv1.APIEndpoint{ // GetAPIServerAltNames errors without an AdvertiseAddress; this is as good as any. AdvertiseAddress: "127.0.0.1",
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sat Jun 08 06:35:45 UTC 2024 - 9.8K bytes - Viewed (0)