istio: Index | Files

package ca

import ""


Package Files

intermediate.go root.go

func NewIstioConfig Uses

func NewIstioConfig(systemNamespace string) (string, error)

NewIstioConfig creates an extensions configuration for Istio, using the given system namespace in the DNS SANs.

type Intermediate Uses

type Intermediate struct {
    KeyFile  string
    ConfFile string
    CSRFile  string
    CertFile string
    Root     Root

IntermediateCA is an intermediate CA for a single cluster.

func NewIntermediate Uses

func NewIntermediate(workDir, config string, root Root) (Intermediate, error)

NewIntermediate creates a new intermediate CA for the given cluster.

func (Intermediate) NewIstioCASecret Uses

func (ca Intermediate) NewIstioCASecret() (*kubeApiCore.Secret, error)

NewIstioCASecret creates a secret (named "cacerts") containing the intermediate certificate and cert chain. If available when Istio starts, this will be used instead of Istio's autogenerated self-signed root (istio-ca-secret). This can be used in a multicluster environment in order to establish a common root of trust between the clusters.

type Root Uses

type Root struct {
    // KeyFile is the path to the file containing the private key for the CA.
    KeyFile string

    // ConfFile is the path to the file containing the extensions configuration file.
    ConfFile string

    // CSRFile used to generate the cert.
    CSRFile string

    // CertFile the cert for the root CA.
    CertFile string

Root contains the cryptographic files for a self-signed root CA.

func NewRoot Uses

func NewRoot(workDir string) (Root, error)

NewRoot generates the files for a new self-signed Root CA files under the given directory.

Package ca imports 8 packages (graph) and is imported by 2 packages. Updated 2020-10-01. Refresh now. Tools for package owners.