Documentation ¶
Index ¶
- Constants
- Variables
- func CreateBasic(serverURL, userName, clusterName string, caCert []byte) *clientcmdapi.Config
- func CreateWithCerts(serverURL, userName, clusterName string, caCert []byte, clientKey []byte, ...) *clientcmdapi.Config
- func EncodeCertPEM(cert *x509.Certificate) []byte
- func GenCerts(...) (map[string][]byte, error)
- func GeneratePrivateKey(keyType x509.PublicKeyAlgorithm) (crypto.Signer, error)
- func NewCACertAndKey(cn string) (*x509.Certificate, crypto.Signer, error)
- func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, config *CertsConfig) (*x509.Certificate, crypto.Signer, error)
- func NewCertificateAuthority(config *CertsConfig) (*x509.Certificate, crypto.Signer, error)
- func NewSignedCert(cfg *CertsConfig, key crypto.Signer, caCert *x509.Certificate, ...) (*x509.Certificate, error)
- func PathForCert(pkiPath, name string) string
- func PathForKey(pkiPath, name string) string
- func RemoveDuplicateAltNames(altNames *certutil.AltNames)
- func WriteCert(pkiPath, name string, cert *x509.Certificate) error
- type CertsConfig
Constants ¶
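const (
	// Duration365d is the certificate validity period: 365 days, expressed
	// as a time.Duration.
	//
	// NOTE(review): where this lifetime is applied is not visible on this
	// page; certificates issued with it need renewal before it elapses.
	Duration365d = time.Hour * 24 * 365
)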
Variables ¶
var NewPrivateKey = GeneratePrivateKey
NewPrivateKey returns a new private key.
Functions ¶
func CreateBasic ¶
func CreateBasic(serverURL, userName, clusterName string, caCert []byte) *clientcmdapi.Config
CreateBasic creates a basic, general KubeConfig object that can then be extended.
func CreateWithCerts ¶
func CreateWithCerts(serverURL, userName, clusterName string, caCert []byte, clientKey []byte, clientCert []byte) *clientcmdapi.Config
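CreateWithCerts creates a KubeConfig object that accesses the API server using a client certificate. Because clientKey is passed in, the returned config presumably embeds private key material and should be stored like any other credential.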
func EncodeCertPEM ¶
func EncodeCertPEM(cert *x509.Certificate) []byte
EncodeCertPEM returns PEM-encoded certificate data.
func GenCerts ¶
func GenCerts(etcdServerCertCfg, etcdClientCertCfg, karmadaCertCfg, apiserverCertCfg, frontProxyClientCertCfg *CertsConfig) (map[string][]byte, error)
GenCerts creates the CA certificate and signs the etcd and Karmada certificates from the given configs.
func GeneratePrivateKey ¶
func GeneratePrivateKey(keyType x509.PublicKeyAlgorithm) (crypto.Signer, error)
GeneratePrivateKey generates a CA private key of the given keyType.
func NewCACertAndKey ¶
NewCACertAndKey returns the root certificate (which carries the public key) and its private key.
func NewCertAndKey ¶
func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, config *CertsConfig) (*x509.Certificate, crypto.Signer, error)
NewCertAndKey creates a new certificate and key using the given certificate authority certificate and key.
func NewCertificateAuthority ¶
func NewCertificateAuthority(config *CertsConfig) (*x509.Certificate, crypto.Signer, error)
NewCertificateAuthority creates a new certificate and private key for the certificate authority.
func NewSignedCert ¶
func NewSignedCert(cfg *CertsConfig, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer, isCA bool) (*x509.Certificate, error)
NewSignedCert creates a signed certificate using the given CA certificate and key
func PathForCert ¶
PathForCert returns the path for the certificate given the PKI path and base name.
func PathForKey ¶
PathForKey returns the path for the key given the PKI path and base name.
func RemoveDuplicateAltNames ¶
RemoveDuplicateAltNames removes duplicate items in altNames.
Types ¶
type CertsConfig ¶
// CertsConfig embeds certutil.Config and adds the NotAfter and
// PublicKeyAlgorithm fields.
type CertsConfig struct {
	// Embedded base certificate configuration.
	certutil.Config
	// NotAfter is presumably the requested certificate expiry time; how a
	// nil value is handled is not visible here. TODO confirm against the
	// signing code.
	NotAfter *time.Time
	// PublicKeyAlgorithm has the same type as the keyType argument of
	// GeneratePrivateKey; presumably it selects the key algorithm. Verify
	// against the callers.
	PublicKeyAlgorithm x509.PublicKeyAlgorithm
}
CertsConfig is a wrapper around certutil.Config, extending it with NotAfter and PublicKeyAlgorithm.
func NewCertConfig ¶
func NewCertConfig(cn string, org []string, altNames certutil.AltNames, notAfter *time.Time) *CertsConfig
NewCertConfig creates a new CertsConfig.