- Sort Score
- Result 10 results
- Languages All
Results 21 - 30 of 60 for rootCert (0.17 sec)
-
security/pkg/pki/util/verify_cert.go
if err != nil { return nil, fmt.Errorf("error parsing root certificate: %s", err.Error()) } rootCert := certChain[len(certChain)-1] if !rootCert.IsCA { return nil, fmt.Errorf("found root cert is not a ca type cert: %v", rootCert) } return cert, nil } // IsCertExpired returns whether a cert expires func IsCertExpired(filepath string) (bool, error) {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 05 10:37:29 UTC 2022 - 5.9K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/mock/mockcaclient.go
func (c *CAClient) CSRSign(csrPEM []byte, certValidTTLInSec int64) ([]string, error) { atomic.AddUint64(&c.SignInvokeCount, 1) signingCert, signingKey, certChain, rootCert := c.bundle.GetAll() csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return nil, fmt.Errorf("csr sign error: %v", err) } subjectIDs := []string{"test"}
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 3K bytes - Viewed (0) -
pkg/test/cert/ca/intermediate.go
return nil, err } caKey, err := file.AsString(ca.KeyFile) if err != nil { return nil, err } rootCert, err := file.AsString(ca.Root.CertFile) if err != nil { return nil, err } // Create the cert chain by concatenating the intermediate and root certs. certChain := caCert + rootCert return &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: "cacerts", },
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 03 08:41:32 UTC 2022 - 3.9K bytes - Viewed (0) -
pkg/test/echo/common/model.go
package common import "istio.io/istio/pkg/config/protocol" // TLSSettings defines TLS configuration for Echo server type TLSSettings struct { // If not empty, RootCert supplies the extra root cert that will be appended to the system cert pool. RootCert string ClientCert string Key string // If provided, override the host name used for the connection
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jan 05 00:22:45 UTC 2022 - 3.1K bytes - Viewed (0) -
security/pkg/nodeagent/sds/sdsservice_test.go
s.t.Helper() s.store.Set(name, secret) s.server.OnSecretUpdate(name) } type Expectation struct { ResourceName string CertChain []byte Key []byte RootCert []byte } func (s *TestServer) extractPrivateKeyProvider(provider *tlsv3.PrivateKeyProvider) []byte { var cmb cryptomb.CryptoMbPrivateKeyMethodConfig provider.GetTypedConfig().UnmarshalTo(&cmb)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Jan 17 20:12:58 UTC 2024 - 11.6K bytes - Viewed (0) -
pilot/pkg/keycertbundle/watcher.go
func (w *Watcher) SetFromFilesAndNotify(keyFile, certFile, rootCert string) error { cert, err := os.ReadFile(certFile) if err != nil { return err } key, err := os.ReadFile(keyFile) if err != nil { return err } caBundle, err := os.ReadFile(rootCert) if err != nil { return err } w.SetAndNotify(key, cert, caBundle) return nil }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 05 14:00:18 UTC 2023 - 2.6K bytes - Viewed (0) -
pilot/pkg/networking/core/cluster_tls_test.go
err error } // TestBuildUpstreamClusterTLSContext tests the buildUpstreamClusterTLSContext function func TestBuildUpstreamClusterTLSContext(t *testing.T) { clientCert := "/path/to/cert" rootCert := "path/to/cacert" clientKey := "/path/to/key" credentialName := "some-fake-credential" testCases := []struct { name string opts *buildClusterOpts
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 06 03:53:05 UTC 2024 - 60.9K bytes - Viewed (0) -
tests/integration/security/filebased_tls_origination/main_test.go
WorkloadPort: 8092, TLS: true, }, }, // Set up TLS certs on the server. This will make the server listen with these credentials. TLSSettings: &common.TLSSettings{ RootCert: mustReadCert("root-cert.pem"), ClientCert: mustReadCert("cert-chain.pem"), Key: mustReadCert("key.pem"), // Override hostname to match the SAN in the cert we are using Hostname: "server.default.svc",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 7.3K bytes - Viewed (0) -
security/pkg/pki/ca/selfsignedcarootcertrotator.go
rootCerts, err := util.AppendRootCerts(caSecret.Data[CACertFile], rotator.config.rootCertFile) if err != nil { rootCertRotatorLog.Errorf("failed to append root certificates from file: %s", err.Error()) return } if err := rotator.ca.GetCAKeyCertBundle().VerifyAndSetAll(caSecret.Data[CACertFile], caSecret.Data[CAPrivateKeyFile], nil, rootCerts); err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 10.4K bytes - Viewed (0) -
pkg/test/framework/components/echo/common/deployment/external.go
Ports: ports.All(), // Set up TLS certs on the server. This will make the server listen with these credentials. TLSSettings: &common.TLSSettings{ // Echo has these test certs baked into the docker image RootCert: file.MustAsString(path.Join(env.IstioSrc, "tests/testdata/certs/dns/root-cert.pem")), ClientCert: file.MustAsString(path.Join(env.IstioSrc, "tests/testdata/certs/dns/cert-chain.pem")),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 20 16:01:31 UTC 2024 - 2.7K bytes - Viewed (0)