- Sort Score
- Result 10 results
- Languages All
Results 11 - 20 of 763 for certChain (0.32 sec)
-
tests/integration/security/util/cert/cert.go
systemNs, err := istio.ClaimSystemNamespace(ctx) if err != nil { return err } var caCert, caKey, certChain, rootCert []byte if caCert, err = ReadSampleCertFromFile(caCertFile); err != nil { return err } if caKey, err = ReadSampleCertFromFile(caKeyFile); err != nil { return err } if certChain, err = ReadSampleCertFromFile(certChainFile); err != nil { return err }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 15 16:44:37 UTC 2023 - 6.2K bytes - Viewed (0) -
security/pkg/nodeagent/util/util.go
} return cert.NotAfter, nil } // OutputKeyCertToDir output the key and certificate to the given directory. // If directory string is empty, return nil. func OutputKeyCertToDir(dir string, privateKey, certChain, rootCert []byte) error { var err error if len(dir) == 0 { return nil } certFileMode := os.FileMode(0o600) if k8sInCluster.Get() != "" {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 17 10:33:38 UTC 2023 - 2.9K bytes - Viewed (0) -
security/pkg/k8s/chiron/utils.go
cert.UsageServerAuth, } if signerName == "" { return nil, nil, nil, fmt.Errorf("signerName is required for Kubernetes CA") } certChain, caCert, err := SignCSRK8s(client, csrPEM, signerName, usages, dnsName, caFilePath, approveCsr, true, requestedLifetime) return certChain, keyPEM, caCert, err } // SignCSRK8s generates a certificate from CSR using the K8s CA // 1. Submit a CSR // 2. Approve a CSR
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Apr 05 18:11:22 UTC 2024 - 9.2K bytes - Viewed (0) -
pilot/pkg/bootstrap/istio_ca_test.go
} func createCASecret(t test.Failer, client kube.Client) { var caCert, caKey, certChain, rootCert []byte var err error if caCert, err = readSampleCertFromFile("ca-cert.pem"); err != nil { t.Fatal(err) } if caKey, err = readSampleCertFromFile("ca-key.pem"); err != nil { t.Fatal(err) } if certChain, err = readSampleCertFromFile("cert-chain.pem"); err != nil { t.Fatal(err) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 31 14:48:28 UTC 2023 - 4.3K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/citadel/client.go
resp, err := c.client.CreateCertificate(ctx, req) if err != nil { return nil, fmt.Errorf("create certificate: %v", err) } if len(resp.CertChain) <= 1 { return nil, errors.New("invalid empty CertChain") } return resp.CertChain, nil } func (c *CitadelClient) getTLSOptions() *istiogrpc.TLSOptions { if c.tlsOpts != nil { return &istiogrpc.TLSOptions{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 4.9K bytes - Viewed (0) -
istioctl/pkg/writer/ztunnel/configdump/api.go
WorkloadState map[string]WorkloadState `json:"workloadState"` } type CertsDump struct { Identity string `json:"identity"` State string `json:"state"` CertChain []*Cert `json:"certChain"` } type Cert struct { Pem string `json:"pem"` SerialNumber string `json:"serialNumber"` ValidFrom string `json:"validFrom"` ExpirationTime string `json:"expirationTime"`
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 16:51:29 UTC 2024 - 5.5K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/mock/mockcaclient.go
// CSRSign returns the certificate or errors depending on the settings. func (c *CAClient) CSRSign(csrPEM []byte, certValidTTLInSec int64) ([]string, error) { atomic.AddUint64(&c.SignInvokeCount, 1) signingCert, signingKey, certChain, rootCert := c.bundle.GetAll() csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return nil, fmt.Errorf("csr sign error: %v", err) } subjectIDs := []string{"test"}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 3K bytes - Viewed (0) -
security/pkg/nodeagent/sds/sdsservice_test.go
} func (s *TestServer) UpdateSecret(name string, secret *ca2.SecretItem) { s.t.Helper() s.store.Set(name, secret) s.server.OnSecretUpdate(name) } type Expectation struct { ResourceName string CertChain []byte Key []byte RootCert []byte } func (s *TestServer) extractPrivateKeyProvider(provider *tlsv3.PrivateKeyProvider) []byte { var cmb cryptomb.CryptoMbPrivateKeyMethodConfig
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jan 17 20:12:58 UTC 2024 - 11.6K bytes - Viewed (0) -
security/pkg/pki/util/verify_cert.go
func FindRootCertFromCertificateChainBytes(certBytes []byte) ([]byte, error) { certChain, cert, err := ParsePemEncodedCertificateChain(certBytes) if err != nil { return nil, fmt.Errorf("error parsing root certificate: %s", err.Error()) } rootCert := certChain[len(certChain)-1] if !rootCert.IsCA { return nil, fmt.Errorf("found root cert is not a ca type cert: %v", rootCert) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 05 10:37:29 UTC 2022 - 5.9K bytes - Viewed (0) -
security/pkg/nodeagent/cache/secretcache.go
func concatCerts(certsPEM []string) []byte { if len(certsPEM) == 0 { return []byte{} } var certChain bytes.Buffer for i, c := range certsPEM { certChain.WriteString(c) if i < len(certsPEM)-1 && !strings.HasSuffix(c, "\n") { certChain.WriteString("\n") } } return certChain.Bytes() } // UpdateConfigTrustBundle : Update the Configured Trust Bundle in the secret Manager client
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 04 08:29:46 UTC 2024 - 28.2K bytes - Viewed (0)