Search Options

Results per page
Sort
Preferred Languages
Advance

Results 11 - 19 of 19 for CertOptions (0.24 sec)

  2. github.com/istio/istio

    security/pkg/pki/ca/selfsignedcarootcertrotator_test.go 

    	// cert options differ from default cert options used by rotator.
	oldCertOrg := "old cert org"
	oldCertRSAKeySize := 2048
	customCertOptions := util.CertOptions{
		TTL:          rotator.config.caCertTTL,
		Org:          oldCertOrg,
		IsCA:         true,
		IsSelfSigned: true,
		RSAKeySize:   oldCertRSAKeySize,
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Oct 11 23:33:41 UTC 2023
    - 14.1K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pkg/test/framework/components/istio/ca.go 

    	if err != nil {
		return Cert{}, err
	}

	san := fmt.Sprintf("spiffe://%s/ns/%s/sa/%s", "cluster.local", namespace, serviceAccount)
	options := pkiutil.CertOptions{
		Host:       san,
		RSAKeySize: 2048,
	}
	// Generate the cert/key, send CSR to CA.
	csrPEM, keyPEM, err := pkiutil.GenCSR(options)
	if err != nil {
		return Cert{}, err
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Mar 27 16:59:05 UTC 2024
    - 4.5K bytes
    - Viewed (0)
  4. github.com/istio/istio

    tests/fuzz/pki_fuzzer.go 

    	if err != nil {
		return 0
	}
	bundle, err := util.NewVerifiedKeyCertBundleFromFile("certfile", "privKeyFile", []string{"certChainFile"}, "rootCertFile")
	if err != nil {
		return 0
	}
	_, err = bundle.CertOptions()
	if err == nil {
		panic("Ran successfully")
	}

	newCertFile, err := os.Create("newCertfile")
	if err != nil {
		return 0
	}
	defer newCertFile.Close()
	defer os.Remove("newCertFile")
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 05 14:00:25 UTC 2023
    - 5.2K bytes
    - Viewed (0)
  5. github.com/istio/istio

    security/pkg/pki/ca/ca.go 

    					return err
				}
			}

			// 3. if use cacerts disabled, create `istio-ca-secret`, otherwise create `cacerts`.
			pkiCaLog.Infof("CASecret %s not found, will create one", caCertName)
			options := util.CertOptions{
				TTL:          caCertTTL,
				Org:          org,
				IsCA:         true,
				IsSelfSigned: true,
				RSAKeySize:   caRSAKeySize,
				IsDualUse:    dualUse,
			}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Nov 30 19:33:26 UTC 2023
    - 17.2K bytes
    - Viewed (0)
  6. github.com/istio/istio

    security/tools/generate_cert/main.go 

    		}
	case citadelMode:
		signerCert, signerPriv = signCertFromCitadel()
	default:
		log.Fatalf("Unsupported mode %v", *mode)
	}

	opts := util.CertOptions{
		Host:         *host,
		NotBefore:    getNotBefore(),
		TTL:          *validFor,
		SignerCert:   signerCert,
		SignerPriv:   signerPriv,
		Org:          *org,
		IsCA:         *isCA,
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Apr 28 16:21:30 UTC 2023
    - 5.7K bytes
    - Viewed (0)
  7. github.com/istio/istio

    security/pkg/pki/ca/selfsignedcarootcertrotator.go 

    	if err != nil {
		rootCertRotatorLog.Warnf("Failed to generate cert options from existing root certificate (%v), "+
			"new root certificate may not match old root certificate", err)
	}
	options := util.CertOptions{
		TTL:           rotator.config.caCertTTL,
		SignerPrivPem: caSecret.Data[CAPrivateKeyFile],
		Org:           rotator.config.org,
		IsCA:          true,
		IsSelfSigned:  true,
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Nov 30 19:33:26 UTC 2023
    - 10.4K bytes
    - Viewed (0)
  8. github.com/istio/istio

    security/pkg/k8s/chiron/utils.go 

    func GenKeyCertK8sCA(client clientset.Interface, dnsName,
	caFilePath string, signerName string, approveCsr bool, requestedLifetime time.Duration,
) ([]byte, []byte, []byte, error) {
	// 1. Generate a CSR
	options := util.CertOptions{
		Host:       dnsName,
		RSAKeySize: keySize,
		IsDualUse:  false,
		PKCS8Key:   false,
	}
	csrPEM, keyPEM, err := util.GenCSR(options)
	if err != nil {
		log.Errorf("CSR generation error (%v)", err)
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Apr 05 18:11:22 UTC 2024
    - 9.2K bytes
    - Viewed (0)
  9. github.com/istio/istio

    security/pkg/k8s/chiron/utils_test.go 

    				}
			} else if err != nil {
				t.Fatalf("failed at updateMutatingWebhookConfig: %v", err)
			}
		})
	}
}

func createFakeCsr(t *testing.T) []byte {
	options := pkiutil.CertOptions{
		Host:       "fake.com",
		RSAKeySize: 2048,
		PKCS8Key:   false,
		ECSigAlg:   pkiutil.SupportedECSignatureAlgorithms("ECDSA"),
	}
	csrPEM, _, err := pkiutil.GenCSR(options)
	if err != nil {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed May 15 03:58:11 UTC 2024
    - 13K bytes
    - Viewed (0)
  10. github.com/istio/istio

    security/pkg/nodeagent/cache/secretcache.go 

    		Namespace:      sc.configOptions.WorkloadNamespace,
		ServiceAccount: sc.configOptions.ServiceAccount,
	}

	cacheLog.Debugf("constructed host name for CSR: %s", csrHostName.String())
	options := pkiutil.CertOptions{
		Host:       csrHostName.String(),
		RSAKeySize: sc.configOptions.WorkloadRSAKeySize,
		PKCS8Key:   sc.configOptions.Pkcs8Keys,
		ECSigAlg:   pkiutil.SupportedECSignatureAlgorithms(sc.configOptions.ECCSigAlg),
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Mar 04 08:29:46 UTC 2024
    - 28.2K bytes
    - Viewed (0)
Back to top