Documentation
¶
Index ¶
- Variables
- func GenerateCSR(cn string, options ...Option) ([]byte, []byte, error)
- func IsCertificateExpiringSoon(cert []byte, durationLeft time.Duration) (bool, error)
- func ParseCertificate(crt []byte) (*x509.Certificate, error)
- func ParseCertificatesFromBase64(ca, crt, key string) (*x509.Certificate, *tls.Certificate, error)
- func ParseCertificatesFromPEM(ca, crt, key []byte) (*x509.Certificate, *tls.Certificate, error)
- func Validator(_ *csr.CertificateRequest) error
- func WaitForCertificate(ctx context.Context, clientWOWatch client.Client, reqName string, ...) ([]byte, error)
- type Authority
- type Certificate
- type Option
- func WithCAConfig(caConfig *csr.CAConfig) Option
- func WithCAExpiry(expiry string) Option
- func WithCSRKeyRequest(keyRequest *csr.KeyRequest) Option
- func WithGroups(groups ...string) Option
- func WithKeyAlgo(algo string) Option
- func WithKeyRequest(keyRequest *csr.KeyRequest) Option
- func WithKeySize(size int) Option
- func WithNames(names ...csr.Name) Option
- func WithSANs(sans ...string) Option
- type SigningOption
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrBlockNotFound = errors.New("block not found")
View Source
var ErrNotValidCACertificate = errors.New("not valid ca certificate")
View Source
var JQFilterApplyCaSelfSignedCert = `{
"key": .data."tls.key",
"crt": .data."tls.crt"
}`
Functions ¶
func ParseCertificate ¶
func ParseCertificate(crt []byte) (*x509.Certificate, error)
ParseCertificate parse x509 certificate PEM encoded
func ParseCertificatesFromBase64 ¶
func ParseCertificatesFromBase64(ca, crt, key string) (*x509.Certificate, *tls.Certificate, error)
ParseCertificatesFromBase64 parsing base64 input string and return ca cert and/or verified tls.Certificate
func ParseCertificatesFromPEM ¶
func ParseCertificatesFromPEM(ca, crt, key []byte) (*x509.Certificate, *tls.Certificate, error)
ParseCertificatesFromPEM parsing PEM input strings and return ca cert and/or verified tls.Certificate
func Validator ¶
func Validator(_ *csr.CertificateRequest) error
Validator does nothing and will never return an error. It exists because creating a csr.Generator requires a Validator.
func WaitForCertificate ¶
func WaitForCertificate(ctx context.Context, clientWOWatch client.Client, reqName string, reqUID types.UID, logger pkg.Logger) ([]byte, error)
modified client-go@v0.29.8/util/certificate/csr/csr.go
WaitForCertificate waits for a certificate to be issued until timeout, or returns an error.
Types ¶
type Certificate ¶
type Certificate struct {
Name string `json:"name,omitempty"`
Key []byte `json:"key"`
Cert []byte `json:"crt"`
CA []byte `json:"ca"`
}
func GenerateSelfSignedCert ¶
func GenerateSelfSignedCert(cn string, ca *Authority, options ...any) (*Certificate, error)
type Option ¶
type Option func(request *csr.CertificateRequest)
func WithCAConfig ¶
func WithCAExpiry ¶
func WithCSRKeyRequest ¶
func WithCSRKeyRequest(keyRequest *csr.KeyRequest) Option
WithCSRKeyRequest redeclare basic(ecdsa 2048) key alg and size
func WithGroups ¶
func WithKeyAlgo ¶
func WithKeyRequest ¶
func WithKeyRequest(keyRequest *csr.KeyRequest) Option
func WithKeySize ¶
type SigningOption ¶
func WithSigningDefaultExpiry ¶
func WithSigningDefaultExpiry(expiry time.Duration) SigningOption
func WithSigningDefaultUsage ¶
func WithSigningDefaultUsage(usage []string) SigningOption
Source Files
Click to show internal directories.
Click to hide internal directories.