- Sort Score
- Result 10 results
- Languages All
Results 171 - 180 of 344 for ca (0.03 sec)
-
cni/pkg/install/kubeconfig_test.go
"path/filepath" "testing" "istio.io/istio/cni/pkg/config" testutils "istio.io/istio/pilot/test/util" ) const ( k8sServiceHost = "10.96.0.1" k8sServicePort = "443" kubeCAFilepath = "testdata/kube-ca.crt" saToken = "service_account_token_string" ) func TestCreateValidKubeconfigFile(t *testing.T) { tmp := t.TempDir() os.WriteFile(filepath.Join(tmp, "token"), []byte(saToken), 0o644) cases := []struct {
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Wed Aug 14 19:36:19 UTC 2024 - 3.8K bytes - Viewed (0) -
cni/pkg/install/kubeconfig.go
} if cfg.SkipTLSVerify { // User explicitly opted into insecure. cluster.InsecureSkipTLSVerify = true } else { caFile := model.GetOrDefault(cfg.KubeCAFile, cfg.K8sServiceAccountPath+"/ca.crt") caContents, err := os.ReadFile(caFile) if err != nil { return kubeconfig{}, err } cluster.CertificateAuthorityData = caContents } token, err := os.ReadFile(cfg.K8sServiceAccountPath + "/token")
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Aug 01 18:38:14 UTC 2024 - 4K bytes - Viewed (0) -
docs/sts/client_grants/__init__.py
sts_ep='http://localhost:9000'): self.cid = cid self.csec = csec self.idp_ep = idp_ep self.sts_ep = sts_ep # Load CA certificates from SSL_CERT_FILE file if set ca_certs = os.environ.get('SSL_CERT_FILE') if not ca_certs: ca_certs = certifi.where() self._http = urllib3.PoolManager(
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Fri Apr 23 18:58:53 UTC 2021 - 4.6K bytes - Viewed (0) -
manifests/charts/README.md
- Better security: separate Istio components reside in different namespaces, allowing different teams or roles to manage different parts of Istio. For example, a security team would maintain the root CA and policy, a telemetry team may only have access to Prometheus, and a different team may maintain the control plane components (which are highly security sensitive).
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Oct 31 16:56:50 UTC 2024 - 7.4K bytes - Viewed (0) -
common-protos/k8s.io/api/certificates/v1alpha1/generated.proto
// // The data must consist only of PEM certificate blocks that parse as valid // X.509 certificates. Each certificate must include a basic constraints // extension with the CA bit set. The API server will reject objects that // contain duplicate certificates, or that use PEM block headers. // // Users of ClusterTrustBundles, including Kubelet, are free to reorder and
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Mon Mar 11 18:43:24 UTC 2024 - 4.2K bytes - Viewed (0) -
cni/pkg/config/config.go
// Logging level for the CNI plugin // Since it runs out-of-process, it has to be separately configured PluginLogLevel string // The file mode to set when creating the kubeconfig file KubeconfigMode int // CA file for kubeconfig KubeCAFile string // Whether to use insecure TLS in the kubeconfig file SkipTLSVerify bool // Comma-separated list of K8S namespaces that CNI should ignore ExcludeNamespaces string
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Fri Aug 16 15:33:47 UTC 2024 - 5.7K bytes - Viewed (0) -
istioctl/pkg/writer/ztunnel/configdump/configdump.go
func (c *ConfigWriter) PrintVersionSummary() error { // TODO return nil } // PrintPodRootCAFromDynamicSecretDump prints just pod's root ca from dynamic secret config dump to the ConfigWriter stdout func (c *ConfigWriter) PrintPodRootCAFromDynamicSecretDump() (string, error) { // TODO return "", nil }
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Thu Jun 06 20:18:34 UTC 2024 - 3.9K bytes - Viewed (0) -
common-protos/k8s.io/api/certificates/v1/generated.proto
// // Custom signerNames can also be specified. The signer defines: // 1. Trust distribution: how trust (CA bundles) are distributed. // 2. Permitted subjects: and behavior when a disallowed subject is requested.
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Mon Mar 11 18:43:24 UTC 2024 - 11.6K bytes - Viewed (0) -
okhttp/src/main/kotlin/okhttp3/CertificatePinner.kt
* sha256/klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=: CN=COMODO RSA Secure Server CA * sha256/grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME=: CN=COMODO RSA Certification Authority * sha256/lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU=: CN=AddTrust External CA Root * Pinned certificates for publicobject.com: * sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
Registered: Fri Nov 01 11:42:11 UTC 2024 - Last Modified: Mon Jan 08 01:13:22 UTC 2024 - 14.2K bytes - Viewed (0) -
helm-releases/minio-2.0.1.tgz
needs to be trusted. For instance, given that TLS is enabled and you need to add trust for Minio's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=keycloak.crt ``` The name of...
Registered: Sun Nov 03 19:28:11 UTC 2024 - Last Modified: Tue Aug 31 09:09:09 UTC 2021 - 13.6K bytes - Viewed (0)