Documentation ¶
Index ¶
- Constants
- func NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, error)
- type AltNames
- type CertUtil
- func (cu *CertUtil) APIServerCertFile() string
- func (cu *CertUtil) APIServerKeyFile() string
- func (cu *CertUtil) CACertFile() string
- func (cu *CertUtil) CAKeyFile() string
- func (cu *CertUtil) EnsureApiServerPKI(advertiseAddress string) error
- func (cu *CertUtil) EnsureAuthnClientPKI() error
- func (cu *CertUtil) EnsureAuthzClientPKI() error
- func (cu *CertUtil) GetK8sCACert() (*x509.Certificate, error)
- func (cu *CertUtil) InitializeCACertPKI() error
- func (cu *CertUtil) K8sAuthnClientCertFile() string
- func (cu *CertUtil) K8sAuthnClientKeyFile() string
- func (cu *CertUtil) K8sAuthzClientCertFile() string
- func (cu *CertUtil) K8sAuthzClientKeyFile() string
- type Config
- type Service
- type ServiceInterface
Constants ¶
View Source
const ( // The CA gets made using a helper in cert package provided in client-go. As such, it picks 0 for the CA serial - hence starting at 1 here. ApiServerCertSerial = iota + 1 AuthnClientCertSerial AuthzClientCertSerial )
View Source
const (
CannotVerifyErrorMessageFragment = "This is usually caused by only half of the keypair left behind on disk." +
"Try clearing the certs and retry"
)
View Source
const (
// CertificateBlockType is a possible value for pem.Block.Type.
CertificateBlockType = "CERTIFICATE"
)
View Source
const (
DefaultAPIServerIp = "127.0.0.1"
)
View Source
const (
RSAPrivateKeyBlockType = "RSA PRIVATE KEY"
)
Variables ¶
This section is empty.
Functions ¶
func NewSelfSignedCACert ¶
NewSelfSignedCACert creates a CA certificate
Types ¶
type AltNames ¶
AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.
type CertUtil ¶
type CertUtil struct { K8sDataPath string // contains filtered or unexported fields }
func (*CertUtil) APIServerCertFile ¶
func (*CertUtil) APIServerKeyFile ¶
func (*CertUtil) CACertFile ¶
func (*CertUtil) EnsureApiServerPKI ¶
func (*CertUtil) EnsureAuthnClientPKI ¶
func (*CertUtil) EnsureAuthzClientPKI ¶
func (*CertUtil) GetK8sCACert ¶
func (cu *CertUtil) GetK8sCACert() (*x509.Certificate, error)
func (*CertUtil) InitializeCACertPKI ¶
func (*CertUtil) K8sAuthnClientCertFile ¶
func (*CertUtil) K8sAuthnClientKeyFile ¶
func (*CertUtil) K8sAuthzClientCertFile ¶
func (*CertUtil) K8sAuthzClientKeyFile ¶
type Config ¶
type Config struct { CommonName string Organization []string AltNames AltNames Usages []x509.ExtKeyUsage }
Config contains the basic fields required for creating a certificate
type Service ¶
type Service struct { *services.BasicService // contains filtered or unexported fields }
type ServiceInterface ¶
type ServiceInterface interface { services.NamedService }
Click to show internal directories.
Click to hide internal directories.