gen_cert

package

v4.0.4 Latest Latest Go to latest Published: Apr 3, 2026 License: Apache-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubesphere/kubekey

Links

Open Source Insights

Documentation ¶

Index ¶

func EncodeCertPEM(cert *x509.Certificate) []byte
func ModuleGenCert(ctx context.Context, opts internal.ExecOptions) (string, string, error)
func NewSelfSignedCACert(cfg cgutilcert.Config, after time.Duration, key crypto.Signer) (*x509.Certificate, error)
func NewSignedCert(cfg cgutilcert.Config, after time.Duration, key crypto.Signer, ...) (*x509.Certificate, error)
func RemoveDuplicateAltNames(altNames *cgutilcert.AltNames)
func TryLoadCertChainFromDisk(rootCert string) ([]*x509.Certificate, error)
func TryLoadKeyFromDisk(rootKey string) (crypto.Signer, error)
func ValidateCertPeriod(cert *x509.Certificate, offset time.Duration) error
func VerifyCertChain(cert *x509.Certificate, intermediates []*x509.Certificate, ...) error
func WriteCert(outCert string, cert *x509.Certificate, policy string) error
func WriteKey(outKey string, key crypto.Signer, policy string) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func EncodeCertPEM ¶

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM encodes the given certificate into PEM format.

func ModuleGenCert ¶

func ModuleGenCert(ctx context.Context, opts internal.ExecOptions) (string, string, error)

ModuleGenCert is the entry point for the "gen_cert" module, responsible for generating SSL/TLS certificates.

func NewSelfSignedCACert ¶

func NewSelfSignedCACert(cfg cgutilcert.Config, after time.Duration, key crypto.Signer) (*x509.Certificate, error)

NewSelfSignedCACert creates a new self-signed CA certificate.

func NewSignedCert ¶

func NewSignedCert(cfg cgutilcert.Config, after time.Duration, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer, isCA bool) (*x509.Certificate, error)

NewSignedCert creates a certificate signed by the given CA certificate and key.

func RemoveDuplicateAltNames ¶

func RemoveDuplicateAltNames(altNames *cgutilcert.AltNames)

RemoveDuplicateAltNames eliminates duplicate entries from the AltNames struct.

func TryLoadCertChainFromDisk ¶

func TryLoadCertChainFromDisk(rootCert string) ([]*x509.Certificate, error)

TryLoadCertChainFromDisk loads a certificate chain from the specified file.

func TryLoadKeyFromDisk ¶

func TryLoadKeyFromDisk(rootKey string) (crypto.Signer, error)

TryLoadKeyFromDisk attempts to load and validate a private key from disk.

func ValidateCertPeriod ¶

func ValidateCertPeriod(cert *x509.Certificate, offset time.Duration) error

ValidateCertPeriod checks whether the certificate is currently valid, considering the given offset.

func VerifyCertChain ¶

func VerifyCertChain(cert *x509.Certificate, intermediates []*x509.Certificate, root *x509.Certificate) error

VerifyCertChain ensures that a certificate has a valid chain of trust back to the root CA.

func WriteCert ¶

func WriteCert(outCert string, cert *x509.Certificate, policy string) error

WriteCert writes the given certificate to the specified file path.

func WriteKey ¶

func WriteKey(outKey string, key crypto.Signer, policy string) error

WriteKey writes the given private key to the specified file path.

Types ¶

This section is empty.

Source Files ¶

View all Source files

gen_cert.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL