Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertificateAuthority ¶
type CertificateAuthority interface {
// Sign generates a certificate for a workload or CA, from the given CSR and TTL.
Sign(csrPEM []byte, ttl time.Duration) ([]byte, error)
// GetCAKeyCertBundle returns the KeyCertBundle used by CA.
GetCAKeyCertBundle() util.KeyCertBundle
}
CertificateAuthority contains methods to be supported by a CA.
type IstioCA ¶
type IstioCA struct {
// contains filtered or unexported fields
}
IstioCA generates keys and certificates for Istio identities.
func NewIstioCA ¶
func NewIstioCA(opts *IstioCAOptions) (*IstioCA, error)
NewIstioCA returns a new IstioCA instance.
func (*IstioCA) GetCAKeyCertBundle ¶
func (ca *IstioCA) GetCAKeyCertBundle() util.KeyCertBundle
GetCAKeyCertBundle returns the KeyCertBundle for the CA.
type IstioCAOptions ¶
type IstioCAOptions struct {
CAType cATypes
CertTTL time.Duration
MaxCertTTL time.Duration
KeyCertBundle util.KeyCertBundle
LivenessProbeOptions *probe.Options
ProbeCheckInterval time.Duration
// contains filtered or unexported fields
}
IstioCAOptions holds the configurations for creating an Istio CA. TODO(myidpt): remove IstioCAOptions.
func NewPluggedCertIstioCAOptions ¶
func NewPluggedCertIstioCAOptions(certChainFile, signingCertFile, signingKeyFile, rootCertFile string, certTTL, maxCertTTL time.Duration, multicluster bool) (caOpts *IstioCAOptions, err error)
NewPluggedCertIstioCAOptions returns a new IstioCAOptions instance using given certificate.
func NewSelfSignedIstioCAOptions ¶
func NewSelfSignedIstioCAOptions(caCertTTL, certTTL, maxCertTTL time.Duration, multicluster bool, org string, namespace string, core corev1.SecretsGetter) (caOpts *IstioCAOptions, err error)
NewSelfSignedIstioCAOptions returns a new IstioCAOptions instance using self-signed certificate.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.