Documentation
¶
Index ¶
- func DNSName(serviceName, namespace string) string
- func ExtractCARootFromSecret(caRootSecret *corev1.Secret) ([]byte, []byte, error)
- func ExtractServerCertFromSecret(serverCertSecret *corev1.Secret) ([]byte, []byte, error)
- func GenerateCA(notBefore, notAfter time.Time) ([]byte, []byte, error)
- func GenerateCert(caCertPEM []byte, caPrivateKeyPEM []byte, notBefore time.Time, ...) ([]byte, []byte, error)
- func NewCertPool(certPEM []byte) (*x509.CertPool, error)
- func VerifyCA(caCertPEM, caPrivateKeyPEM []byte, at time.Time) error
- func VerifyCert(certPEM, privateKeyPEM []byte, certPool *x509.CertPool, dnsName string, ...) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExtractCARootFromSecret ¶ added in v1.17.0
Extract the CA certificate and private key from a secret. Both are PEM encoded.
func ExtractServerCertFromSecret ¶ added in v1.17.0
Extract the server certificate and private key from a secret. Both are PEM encoded.
func GenerateCA ¶
GenerateCA generates a self-signed CA root certificate and private key in PEM format. It accepts validity bounds as parameters.
func GenerateCert ¶
func GenerateCert(caCertPEM []byte, caPrivateKeyPEM []byte, notBefore time.Time, notAfter time.Time, dnsName string, ) ([]byte, []byte, error)
GenerateCert generates a certificate and private key signed by the provided CA in PEM format. It accepts the CA root certificate and private key, validity bounds, and DNS name as parameters.
func NewCertPool ¶ added in v1.17.0
NewCertPool creates a new x509.CertPool from a PEM-encoded certificate that may contain multiple certificates.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.