- Sort Score
- Result 10 results
- Languages All
Results 31 - 40 of 60 for rootCert (0.14 sec)
-
pkg/adsc/adsc.go
XDSSAN string // XDSRootCAFile explicitly set the root CA to be used for the XDS connection. // Mirrors Envoy file. XDSRootCAFile string // RootCert contains the XDS root certificate. Used mainly for tests, apps will normally use // XDSRootCAFile RootCert []byte // InsecureSkipVerify skips client verification the server's certificate chain and host name. InsecureSkipVerify bool
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Feb 05 22:18:49 UTC 2024 - 35K bytes - Viewed (0) -
security/pkg/pki/ca/selfsignedcarootcertrotator_test.go
client := rotator.config.client caSecret, _ := client.Secrets(rotator.config.caStorageNamespace).Get(context.TODO(), rotator.config.secretName, metav1.GetOptions{}) rootCert := rotator.ca.keyCertBundle.GetRootCertPem() return rootCertItem{caSecret: caSecret, rootCertInKeyCertBundle: rootCert} } // TestRootCertRotatorForSigningCitadel verifies that rotator rotates root cert, // updates key cert bundle and config map.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Oct 11 23:33:41 UTC 2023 - 14.1K bytes - Viewed (0) -
pkg/test/framework/components/echo/kube/templates/deployment.yaml
--- {{- end }} {{- end }} {{- if .TLSSettings}}{{if not .TLSSettings.ProxyProvision }} apiVersion: v1 kind: ConfigMap metadata: name: {{ $.Service }}-certs data: root-cert.pem: | {{ .TLSSettings.RootCert | indent 4 }} cert-chain.pem: | {{ .TLSSettings.ClientCert | indent 4 }} key.pem: | {{.TLSSettings.Key | indent 4}} ---
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 6.1K bytes - Viewed (0) -
pkg/spiffe/spiffe_test.go
if block == nil { t.Fatalf("Can't decode the root cert.") } rootCert, err := x509.ParseCertificate(block.Bytes) if err != nil { t.Fatalf("Failed to parse certificate: " + err.Error()) } certMap[trustDomain] = append(certMap[trustDomain], rootCert) } } verifier := NewPeerCertVerifier() verifier.AddMappings(certMap)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 18.1K bytes - Viewed (0) -
security/pkg/pki/util/keycertbundle_test.go
IsCA: true, IsSelfSigned: true, TTL: time.Hour, RSAKeySize: 2048, }) if err != nil { t.Errorf("failed to gen root cert for Citadel self signed cert %v", err) } rootCert, err := ParsePemEncodedCertificate(rootCertBytes) if err != nil { t.Errorf("failed to parsing pem for root cert %v", err) } rootKey, err := ParsePemEncodedKey(rootKeyBytes) if err != nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Jan 21 06:07:50 UTC 2024 - 15.8K bytes - Viewed (0) -
security/pkg/pki/ca/ca.go
func BuildSecret(scrtName, namespace string, certChain, privateKey, rootCert, caCert, caPrivateKey []byte, secretType v1.SecretType) *v1.Secret { secret := &v1.Secret{ Data: map[string][]byte{ CertChainFile: certChain, PrivateKeyFile: privateKey, RootCertFile: rootCert, CACertFile: caCert, CAPrivateKeyFile: caPrivateKey, }, ObjectMeta: metav1.ObjectMeta{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 17.2K bytes - Viewed (0) -
security/pkg/pki/util/keycertbundle.go
"time" ) // KeyCertBundle stores the cert, private key, cert chain and root cert for an entity. It is thread safe. // The cert and privKey should be a public/private key pair. // The cert should be verifiable from the rootCert through the certChain. // cert and priveKey are pointers to the cert/key parsed from certBytes/privKeyBytes. type KeyCertBundle struct { certBytes []byte cert *x509.Certificate privKeyBytes []byte
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Sun Jan 21 06:07:50 UTC 2024 - 10.5K bytes - Viewed (0) -
tests/integration/security/util/framework.go
}, }, // Set up TLS certs on the server. This will make the server listen with these credentials. TLSSettings: &common.TLSSettings{ // Echo has these test certs baked into the docker image RootCert: mustReadCert("root-cert.pem"), ClientCert: mustReadCert("cert-chain.pem"), Key: mustReadCert("key.pem"), // Override hostname to match the SAN in the cert we are using Hostname: "server.default.svc",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 8.4K bytes - Viewed (0) -
security/pkg/k8s/chiron/utils_test.go
func TestGenKeyCertK8sCA(t *testing.T) { log.FindScope("default").SetOutputLevel(log.DebugLevel) signers, client := runTestSigner(t) ca := filepath.Join(t.TempDir(), "root-cert.pem") os.WriteFile(ca, []byte(signers[0].Rootcert), 0o666) _, _, _, err := GenKeyCertK8sCA(client.Kube(), "foo", ca, testSigner, true, DefaulCertTTL) assert.NoError(t, err) } func TestReadCACert(t *testing.T) { testCases := map[string]struct {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 15 03:58:11 UTC 2024 - 13K bytes - Viewed (0) -
src/crypto/x509/name_constraints_test.go
var parent *Certificate parentKey := rootKey for _, root := range test.roots { rootCert, err := makeConstraintsCACert(root, rootName, rootKey, nil, rootKey) if err != nil { t.Fatalf("failed to create root: %s", err) } parent = rootCert rootPool.AddCert(rootCert) } intermediatePool := NewCertPool()
Registered: Wed Jun 12 16:32:35 UTC 2024 - Last Modified: Thu May 09 22:40:21 UTC 2024 - 45.2K bytes - Viewed (0)