const ( // PrivateKeyBlockType is a possible value for pem.Block.Type. PrivateKeyBlockType = "PRIVATE KEY" // PublicKeyBlockType is a possible value for pem.Block.Type. PublicKeyBlockType = "PUBLIC KEY" // CertificateBlockType is a possible value for pem.Block.Type. CertificateBlockType = "CERTIFICATE" // RSAPrivateKeyBlockType is a possible value for pem.Block.Type. RSAPrivateKeyBlockType = "RSA PRIVATE KEY" )
CSROrKeyExist returns true if one of the CSR or key exists
CertOrKeyExist returns a boolean whether the cert or the key exists
CertificateRequestFromFile returns the CertificateRequest from a given PEM-encoded file. Returns an error if the file could not be read or if the CSR could not be parsed.
EncodeCSRPEM returns PEM-encoded CSR data
EncodeCertPEM returns PEM-endcoded certificate data
EncodePublicKeyPEM returns PEM-encoded public data
GetAPIServerAltNames builds an AltNames object for to be used when generating apiserver certificate
GetEtcdAltNames builds an AltNames object for generating the etcd server certificate. `advertise address` and localhost are included in the SAN since this is the interfaces the etcd static pod listens on. The user can override the listen address with `Etcd.ExtraArgs` and add SANs with `Etcd.ServerCertSANs`.
GetEtcdPeerAltNames builds an AltNames object for generating the etcd peer certificate. Hostname and `API.AdvertiseAddress` are included if the user chooses to promote the single node etcd cluster into a multi-node one (stacked etcd). The user can override the listen address with `Etcd.ExtraArgs` and add SANs with `Etcd.PeerCertSANs`.
HasServerAuth returns true if the given certificate is a ServerAuth
NewCSR creates a new CSR
NewCSRAndKey generates a new key and CSR and that could be signed to create the given certificate
NewCertAndKey creates new certificate and key by passing the certificate authority certificate and key
NewCertificateAuthority creates new certificate and private key for the certificate authority
NewPrivateKey creates an RSA private key
NewSignedCert creates a signed certificate using the given CA certificate and key
PathsForCertAndKey returns the paths for the certificate and key given the path and basename.
TryLoadCSRAndKeyFromDisk tries to load the CSR and key from the disk
TryLoadCertAndKeyFromDisk tries to load a cert and a key from the disk and validates that they are valid
TryLoadCertFromDisk tries to load the cert from the disk and validates that it is valid
TryLoadKeyFromDisk tries to load the key from the disk and validates that it is valid
TryLoadPrivatePublicKeyFromDisk tries to load the key from the disk and validates that it is valid
WriteCSR writes the pem-encoded CSR data to csrPath. The CSR file will be created with file mode 0600. If the CSR file already exists, it will be overwritten. The parent directory of the csrPath will be created as needed with file mode 0700.
WriteCert stores the given certificate at the given location
WriteCertAndKey stores certificate and key at the specified location
WriteKey stores the given key at the given location
WritePublicKey stores the given public key at the given location