- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 39 for san (0.02 sec)
-
src/crypto/x509/name_constraints_test.go
expectedError: "incompatible key usage", }, // An invalid DNS SAN should be detected only at validation time so // that we can process CA certificates in the wild that have invalid SANs. // See https://github.com/golang/go/issues/23995 // #77: an invalid DNS or mail SAN will not be detected if name constraint // checking is not triggered. { roots: make([]constraintsSpec, 1),
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Thu May 09 22:40:21 UTC 2024 - 45.2K bytes - Viewed (0) -
src/crypto/x509/parser.go
return errors.New("x509: invalid subject alternative names") } for !der.Empty() { var san cryptobyte.String var tag cryptobyte_asn1.Tag if !der.ReadAnyASN1(&san, &tag) { return errors.New("x509: invalid subject alternative name") } if err := callback(int(tag^0x80), san); err != nil { return err } } return nil }
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Wed May 22 21:00:16 UTC 2024 - 38.5K bytes - Viewed (0) -
cmd/kubeadm/app/phases/certs/renewal/manager_test.go
if len(cfg.AltNames.IPs) != 1 || cfg.AltNames.IPs[0].String() != expectedConfig.AltNames.IPs[0].String() { t.Errorf("expected SAN IPs %v, got %v", expectedConfig.AltNames.IPs, cfg.AltNames.IPs) } if len(cfg.AltNames.DNSNames) != 1 || cfg.AltNames.DNSNames[0] != expectedConfig.AltNames.DNSNames[0] { t.Errorf("expected SAN DNSNames %v, got %v", expectedConfig.AltNames.DNSNames, cfg.AltNames.DNSNames) } }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 01 16:01:49 UTC 2024 - 13.9K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/citadel/client.go
if c.tlsOpts != nil { return &istiogrpc.TLSOptions{ RootCert: c.tlsOpts.RootCert, Key: c.tlsOpts.Key, Cert: c.tlsOpts.Cert, ServerAddress: c.opts.CAEndpoint, SAN: c.opts.CAEndpointSAN, } } return nil } func (c *CitadelClient) buildConnection() (*grpc.ClientConn, error) { tlsOpts := c.getTLSOptions() opts, err := istiogrpc.ClientOptions(nil, tlsOpts)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 4.9K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls.go
} } // buildIstioMutualTLS returns a `TLSSettings` for ISTIO_MUTUAL mode. func (cb *ClusterBuilder) buildIstioMutualTLS(san []string, sni string) *networking.ClientTLSSettings { return &networking.ClientTLSSettings{ Mode: networking.ClientTLSSettings_ISTIO_MUTUAL, SubjectAltNames: san, Sni: sni, }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Apr 18 19:09:43 UTC 2024 - 19.2K bytes - Viewed (0) -
tests/integration/security/util/framework.go
RootCert: mustReadCert("root-cert.pem"), ClientCert: mustReadCert("cert-chain.pem"), Key: mustReadCert("key.pem"), // Override hostname to match the SAN in the cert we are using Hostname: "server.default.svc", }, Subsets: []echo.SubsetConfig{{ Version: "v1", Annotations: map[string]string{annotation.SidecarInject.Name: "false"}, }}, }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 8.4K bytes - Viewed (0) -
pilot/pkg/xds/cds_test.go
sans: nil, }, { name: "Kubernetes service and NONE ServiceEntry", objs: []runtime.Object{service, pod, endpoint}, configs: []config.Config{dr, seNONE}, // Service properly sets SAN. Since it's not external, we do not add the SANs automatically though sans: nil, }, { name: "Kubernetes service and EDS ServiceEntry ISTIO_MUTUAL", objs: []runtime.Object{service, pod, endpoint},
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 01 02:06:39 UTC 2024 - 9.2K bytes - Viewed (0) -
pkg/security/security.go
// Client interface defines the clients need to implement to talk to CA for CSR. // The Agent will create a key pair and a CSR, and use an implementation of this // interface to get back a signed certificate. There is no guarantee that the SAN // in the request will be returned - server may replace it. type Client interface { CSRSign(csrPEM []byte, certValidTTLInSec int64) ([]string, error) Close()
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 19.1K bytes - Viewed (0) -
src/crypto/x509/x509_test.go
} if !reflect.DeepEqual(cert.DNSNames, template.DNSNames) { t.Errorf("%s: SAN DNS names differ from template. Got %v, want %v", test.name, cert.DNSNames, template.DNSNames) } if !reflect.DeepEqual(cert.EmailAddresses, template.EmailAddresses) { t.Errorf("%s: SAN emails differ from template. Got %v, want %v", test.name, cert.EmailAddresses, template.EmailAddresses) }
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Wed May 22 21:00:16 UTC 2024 - 163.4K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/conversion.go
func kubeToIstioServiceAccount(saname string, ns string, mesh *meshconfig.MeshConfig) string { return spiffe.MustGenSpiffeURI(mesh, ns, saname) } // SecureNamingSAN creates the secure naming used for SAN verification from pod metadata func SecureNamingSAN(pod *corev1.Pod, mesh *meshconfig.MeshConfig) string { return spiffe.MustGenSpiffeURI(mesh, pod.Namespace, pod.Spec.ServiceAccountName) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 9.4K bytes - Viewed (0)