Search Options

Results per page
Sort
Preferred Languages
Advance

Results 11 - 20 of 60 for root_certs (0.21 sec)

  2. github.com/istio/istio

    pkg/istio-agent/plugins.go 

    	} else {
		tlsOpts = &citadel.TLSOptions{}
		tlsOpts.RootCert, err = a.FindRootCAForCA()
		if err != nil {
			return nil, fmt.Errorf("failed to find root CA cert for CA: %v", err)
		}

		if tlsOpts.RootCert == "" {
			log.Infof("Using CA %s cert with system certs", opts.CAEndpoint)
		} else if !fileExists(tlsOpts.RootCert) {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat May 11 03:32:57 UTC 2024
    - 2.7K bytes
    - Viewed (0)
  3. github.com/istio/istio

    pkg/test/csrctrl/signer/signer.go 

    	if err != nil {
		return nil, fmt.Errorf("failed to append intermediate certificates (%v)", err)
	}
	if appendRootCert {
		rootCerts, err := util.AppendRootCerts(intermediateCerts, s.caProvider.caLoader.CertFile)
		if err != nil {
			return nil, fmt.Errorf("failed to append root certificates (%v)", err)
		}
		return rootCerts, nil
	}
	return intermediateCerts, nil
}

func (s *Signer) GetRootCerts() string {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Fri Dec 03 18:57:19 UTC 2021
    - 2.5K bytes
    - Viewed (0)
  4. github.com/istio/istio

    pkg/test/csrctrl/controllers/start_csrctrl.go 

    		}
		signersMap[signerName] = signer
		rootCert, rErr := os.ReadFile(signer.GetRootCerts())
		if rErr != nil {
			return nil, fmt.Errorf("unable to read root cert for signer %q: %v", signerName, err)
		}
		rootCertsForSigner := SignerRootCert{
			Signer:   signerName,
			Rootcert: string(rootCert),
		}
		rootCertSignerArr = append(rootCertSignerArr, rootCertsForSigner)
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue May 09 02:22:47 UTC 2023
    - 2K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pkg/test/framework/components/istio/ca.go 

    	"istio.io/istio/pkg/test/framework"
	pkiutil "istio.io/istio/security/pkg/pki/util"
)

type Cert struct {
	ClientCert, Key, RootCert []byte
}

func CreateCertificate(t framework.TestContext, i Instance, serviceAccount, namespace string) (Cert, error) {
	c := t.Clusters().Default()
	rootCert, err := FetchRootCert(c.Kube())
	if err != nil {
		return Cert{}, fmt.Errorf("failed to fetch root cert: %v", err)
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Mar 27 16:59:05 UTC 2024
    - 4.5K bytes
    - Viewed (0)
  6. github.com/istio/istio

    security/pkg/pki/util/verify_cert_test.go 

    			privPem:        nil,
			certChainPem:   []byte(certChainBad),
			rootCertPem:    []byte(rootCert),
			expectedFields: verifyField1,
			expectedErr:    "failed to parse certificate chain",
		},
		"Failed to verify cert chain": {
			privPem:        nil,
			certChainPem:   []byte(certChainNoRoot),
			rootCertPem:    []byte(rootCert),
			expectedFields: verifyField2,
			expectedErr:    "failed to verify certificate: x509:",
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Aug 16 14:56:37 UTC 2022
    - 6.5K bytes
    - Viewed (0)
  7. github.com/istio/istio

    security/pkg/nodeagent/caclient/providers/citadel/client_test.go 

    			CredFetcher: plugin.CreateTokenPlugin("testdata/token"),
			ProvCert:    certDir,
		}
		rootCert := path.Join(certDir, constants.RootCertFilename)
		key := path.Join(certDir, constants.KeyFilename)
		cert := path.Join(certDir, constants.CertChainFilename)
		tlsOpts := &TLSOptions{
			RootCert: rootCert,
			Key:      key,
			Cert:     cert,
		}
		cli, err := NewCitadelClient(opts, tlsOpts)
		if err != nil {
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Apr 24 21:03:23 UTC 2024
    - 11.8K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pilot/pkg/bootstrap/istio_ca_test.go 

    }

func createCATLSSecret(t test.Failer, client kube.Client) {
	var caCert, caKey, rootCert []byte
	var err error
	if caCert, err = readSampleCertFromFile("ca-cert.pem"); err != nil {
		t.Fatal(err)
	}
	if caKey, err = readSampleCertFromFile("ca-key.pem"); err != nil {
		t.Fatal(err)
	}
	if rootCert, err = readSampleCertFromFile("root-cert.pem"); err != nil {
		t.Fatal(err)
	}
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Oct 31 14:48:28 UTC 2023
    - 4.3K bytes
    - Viewed (0)
  9. github.com/istio/istio

    security/pkg/nodeagent/util/util.go 

    	}
	return cert.NotAfter, nil
}

// OutputKeyCertToDir output the key and certificate to the given directory.
// If directory string is empty, return nil.
func OutputKeyCertToDir(dir string, privateKey, certChain, rootCert []byte) error {
	var err error
	if len(dir) == 0 {
		return nil
	}

	certFileMode := os.FileMode(0o600)
	if k8sInCluster.Get() != "" {
		// If this is running on k8s, give more permission to the file certs.
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Oct 17 10:33:38 UTC 2023
    - 2.9K bytes
    - Viewed (0)
  10. github.com/istio/istio

    tests/integration/security/ca_custom_root/main_test.go 

    			{
				Name:         "https",
				Protocol:     protocol.HTTPS,
				ServicePort:  443,
				WorkloadPort: 8443,
				TLS:          true,
			},
		},
		TLSSettings: &common.TLSSettings{
			RootCert:      rootCert,
			ClientCert:    clientCert,
			Key:           Key,
			AcceptAnyALPN: true,
		},
	}

	serverNakedBarConfig := echo.Config{
		Namespace: customNs.Get(),
		Service:   "server-naked-bar",
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu May 02 21:29:40 UTC 2024
    - 9.2K bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    cmd/kubeadm/app/phases/certs/certlist_test.go 

    	}
}

func TestMakeCertTree(t *testing.T) {
	rootCert := &KubeadmCert{
		Name: "root",
	}
	leaf0 := &KubeadmCert{
		Name:   "leaf0",
		CAName: "root",
	}
	leaf1 := &KubeadmCert{
		Name:   "leaf1",
		CAName: "root",
	}
	selfSigned := &KubeadmCert{
		Name: "self-signed",
	}

	certMap := CertificateMap{
		"root":        rootCert,
		"leaf0":       leaf0,
		"leaf1":       leaf1,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 01 16:01:49 UTC 2024
    - 8.8K bytes
    - Viewed (0)
Back to top