pkiutil

package
v1.10.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 8, 2018 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CertOrKeyExist

func CertOrKeyExist(pkiPath, name string) bool

CertOrKeyExist returns a boolean whether the cert or the key exists

func GetAPIServerAltNames added in v1.10.6

func GetAPIServerAltNames(cfg *kubeadmapi.MasterConfiguration) (*certutil.AltNames, error)

GetAPIServerAltNames builds an AltNames object for to be used when generating apiserver certificate

func GetEtcdAltNames added in v1.10.6

func GetEtcdAltNames(cfg *kubeadmapi.MasterConfiguration) (*certutil.AltNames, error)

GetEtcdAltNames builds an AltNames object for generating the etcd server certificate. `localhost` is included in the SAN since this is the interface the etcd static pod listens on. Hostname and `API.AdvertiseAddress` are excluded since etcd does not listen on this interface by default. The user can override the listen address with `Etcd.ExtraArgs` and add SANs with `Etcd.ServerCertSANs`.

func GetEtcdPeerAltNames added in v1.10.6

func GetEtcdPeerAltNames(cfg *kubeadmapi.MasterConfiguration) (*certutil.AltNames, error)

GetEtcdPeerAltNames builds an AltNames object for generating the etcd peer certificate. `localhost` is excluded from the SAN since etcd will not refer to itself as a peer. Hostname and `API.AdvertiseAddress` are included if the user chooses to promote the single node etcd cluster into a multi-node one. The user can override the listen address with `Etcd.ExtraArgs` and add SANs with `Etcd.PeerCertSANs`.

func HasServerAuth added in v1.8.0

func HasServerAuth(cert *x509.Certificate) bool

HasServerAuth returns true if the given certificate is a ServerAuth

func NewCertAndKey

func NewCertAndKey(caCert *x509.Certificate, caKey *rsa.PrivateKey, config certutil.Config) (*x509.Certificate, *rsa.PrivateKey, error)

NewCertAndKey creates new certificate and key by passing the certificate authority certificate and key

func NewCertificateAuthority

func NewCertificateAuthority() (*x509.Certificate, *rsa.PrivateKey, error)

NewCertificateAuthority creates new certificate and private key for the certificate authority

func TryLoadCertAndKeyFromDisk

func TryLoadCertAndKeyFromDisk(pkiPath, name string) (*x509.Certificate, *rsa.PrivateKey, error)

TryLoadCertAndKeyFromDisk tries to load a cert and a key from the disk and validates that they are valid

func TryLoadCertFromDisk

func TryLoadCertFromDisk(pkiPath, name string) (*x509.Certificate, error)

TryLoadCertFromDisk tries to load the cert from the disk and validates that it is valid

func TryLoadKeyFromDisk

func TryLoadKeyFromDisk(pkiPath, name string) (*rsa.PrivateKey, error)

TryLoadKeyFromDisk tries to load the key from the disk and validates that it is valid

func TryLoadPrivatePublicKeyFromDisk added in v1.8.0

func TryLoadPrivatePublicKeyFromDisk(pkiPath, name string) (*rsa.PrivateKey, *rsa.PublicKey, error)

TryLoadPrivatePublicKeyFromDisk tries to load the key from the disk and validates that it is valid

func WriteCert

func WriteCert(pkiPath, name string, cert *x509.Certificate) error

WriteCert stores the given certificate at the given location

func WriteCertAndKey

func WriteCertAndKey(pkiPath string, name string, cert *x509.Certificate, key *rsa.PrivateKey) error

WriteCertAndKey stores certificate and key at the specified location

func WriteKey

func WriteKey(pkiPath, name string, key *rsa.PrivateKey) error

WriteKey stores the given key at the given location

func WritePublicKey

func WritePublicKey(pkiPath, name string, key *rsa.PublicKey) error

WritePublicKey stores the given public key at the given location

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL