cert

package
v0.0.0-...-4fc7d75 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 5, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// PrivateKeyBlockType is a possible value for pem.Block.Type.
	PrivateKeyBlockType = "PRIVATE KEY"
	// PublicKeyBlockType is a possible value for pem.Block.Type.
	PublicKeyBlockType = "PUBLIC KEY"
	// CertificateBlockType is a possible value for pem.Block.Type.
	CertificateBlockType = "CERTIFICATE"
	// RSAPrivateKeyBlockType is a possible value for pem.Block.Type.
	RSAPrivateKeyBlockType = "RSA PRIVATE KEY"
)
View Source 
const (
	APIserverCert = iota
	APIserverKubeletClientCert
	FrontProxyClientCert
	APIserverEtcdClientCert
	EtcdServerCert
	EtcdPeerCert
	EtcdHealthcheckClientCert
)

Variables

View Source 
var (
	KubeDefaultCertPath = "/etc/kubernetes/pki"
)

Functions

func EncodeCertPEM 

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-endcoded certificate data

func EncodePublicKeyPEM 

func EncodePublicKeyPEM(key crypto.PublicKey) ([]byte, error)

EncodePublicKeyPEM returns PEM-encoded public data

func GenerateCert 

func GenerateCert(altNames []string, hostIP, hostName, serviceCIRD, DNSDomain string) error

GenerateCert generate all cert.

func LoadCaCertAndKeyFromDisk 

func LoadCaCertAndKeyFromDisk(cfg Config) (*x509.Certificate, crypto.Signer, error)

LoadCaCertAndKeyFromDisk load ca cert and key form disk.

func NewCaCertAndKey 

func NewCaCertAndKey(cfg Config) (*x509.Certificate, crypto.Signer, error)

NewCaCertAndKey Create as ca.

func NewCaCertAndKeyFromRoot 

func NewCaCertAndKeyFromRoot(cfg Config, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, crypto.Signer, error)

NewCaCertAndKeyFromRoot cmd/kubeadm/app/util/pkiutil/pki_helpers.go NewCertAndKey

func NewPrivateKey 

func NewPrivateKey(keyType x509.PublicKeyAlgorithm) (crypto.Signer, error)

NewPrivateKey creates an RSA private key

func NewSelfSignedCACert 

func NewSelfSignedCACert(key crypto.Signer, commonName string, organization []string, year time.Duration) (*x509.Certificate, error)

NewSelfSignedCACert creates a CA certificate

func NewSignedCert 

func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func TryLoadKeyFromDisk 

func TryLoadKeyFromDisk(pkiPath string) (crypto.Signer, error)

TryLoadKeyFromDisk tries to load the key from the disk and validates that it is valid

func WriteCert 

func WriteCert(pkiPath, name string, cert *x509.Certificate) error

WriteCert stores the given certificate at the given location

func WriteCertAndKey 

func WriteCertAndKey(pkiPath string, name string, cert *x509.Certificate, key crypto.Signer) error

WriteCertAndKey stores certificate and key at the specified location

func WriteKey 

func WriteKey(pkiPath, name string, key crypto.Signer) error

WriteKey stores the given key at the given location

func WritePublicKey 

func WritePublicKey(pkiPath, name string, key crypto.PublicKey) error

WritePublicKey stores the given public key at the given location

Types

type AltNames 

type AltNames struct {
	DNSNames map[string]string
	IPs      map[string]net.IP
}

AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.

type CertMetaData 

type CertMetaData struct {
	APIServer    AltNames
	NodeName     string
	NodeIP       string
	DNSDomain    string
	CertPath     string
	CertEtcdPath string
}

func NewCertMetaData 

func NewCertMetaData(apiServerIPAndDomains []string, svcCIDR, nodeName, nodeIP, DNSDomain string) (*CertMetaData, error)

func (*CertMetaData) GenerateAll 

func (meta *CertMetaData) GenerateAll() error

type Config 

type Config struct {
	Path         string // Writeto Dir
	BaseName     string // Writeto file name
	CAName       string // root ca map key
	CommonName   string
	Organization []string
	Year         time.Duration
	AltNames     AltNames
	Usages       []x509.ExtKeyUsage
}

Config contains the basic fields required for creating a certificate

func CaList 

func CaList(CertPath, CertEtcdPath string) []Config

func List 

func List(CertPath, CertEtcdPath string) []Config

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.