cluster-api: Index | Files

package certs

import ""


Package Files

certs.go consts.go types.go


const (
    // DefaultRSAKeySize is the default key size used when created RSA keys.
    DefaultRSAKeySize = 2048

    // DefaultCertDuration is the default lifespan used when creating certificates.
    DefaultCertDuration = time.Hour * 24 * 365

    // When client certificates have less than ClientCertificateRenewalDuration
    // left before expiry, they will be regenerated.
    ClientCertificateRenewalDuration = DefaultCertDuration / 2

func DecodeCertPEM Uses

func DecodeCertPEM(encoded []byte) (*x509.Certificate, error)

DecodeCertPEM attempts to return a decoded certificate or nil if the encoded input does not contain a certificate.

func DecodePrivateKeyPEM Uses

func DecodePrivateKeyPEM(encoded []byte) (crypto.Signer, error)

DecodePrivateKeyPEM attempts to return a decoded key or nil if the encoded input does not contain a private key.

func EncodeCertPEM Uses

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-endcoded certificate data.

func EncodePrivateKeyPEM Uses

func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte

EncodePrivateKeyPEM returns PEM-encoded private key data.

func EncodePublicKeyPEM Uses

func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)

EncodePublicKeyPEM returns PEM-encoded public key data.

func NewPrivateKey Uses

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key

type AltNames Uses

type AltNames struct {
    DNSNames []string
    IPs      []net.IP

AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.

type Config Uses

type Config struct {
    CommonName   string
    Organization []string
    AltNames     AltNames
    Usages       []x509.ExtKeyUsage

Config contains the basic fields required for creating a certificate.

func (*Config) NewSignedCert Uses

func (cfg *Config) NewSignedCert(key *rsa.PrivateKey, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key.

type KeyPair Uses

type KeyPair struct {
    Cert, Key []byte

KeyPair holds the raw bytes for a certificate and key.

func (*KeyPair) IsValid Uses

func (k *KeyPair) IsValid() bool

IsValid returns true if both the certificate and key are non-nil.

Package certs imports 12 packages (graph) and is imported by 9 packages. Updated 2020-10-15. Refresh now. Tools for package owners.