cert

package
v1.12.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 13, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source
const (

	// Duration365d Certificate validity period
	Duration365d = time.Hour * 24 * 365
)

Variables

View Source
var NewPrivateKey = GeneratePrivateKey

NewPrivateKey returns a new private key.

Functions

func EncodeCertPEM

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-encoded certificate data

func GenCerts

func GenCerts(pkiPath, caCertFile, caKeyFile string, etcdServerCertCfg, etcdClientCertCfg, karmadaCertCfg, apiserverCertCfg, frontProxyClientCertCfg *CertsConfig) error

GenCerts Create CA certificate and sign etcd karmada certificate.

func GeneratePrivateKey

func GeneratePrivateKey(keyType x509.PublicKeyAlgorithm) (crypto.Signer, error)

GeneratePrivateKey generates a certificate key. It supports both ECDSA (using the P-256 elliptic curve) and RSA algorithms. For RSA, the key is generated with a size of 3072 bits. If the keyType is x509.UnknownPublicKeyAlgorithm, the function defaults to generating an RSA key.

func NewCACertAndKey

func NewCACertAndKey(cn string) (*x509.Certificate, *crypto.Signer, error)

NewCACertAndKey The public and private keys of the root certificate are returned

func NewCertAndKey

func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, config *CertsConfig) (*x509.Certificate, crypto.Signer, error)

NewCertAndKey creates new certificate and key by passing the certificate authority certificate and key

func NewCertificateAuthority

func NewCertificateAuthority(config *CertsConfig) (*x509.Certificate, crypto.Signer, error)

NewCertificateAuthority creates new certificate and private key for the certificate authority

func NewSignedCert

func NewSignedCert(cfg *CertsConfig, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer, isCA bool) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func PathForCert

func PathForCert(pkiPath, name string) string

PathForCert returns the paths for the certificate given the path and basename.

func PathForKey

func PathForKey(pkiPath, name string) string

PathForKey returns the paths for the key given the path and basename.

func RemoveDuplicateAltNames

func RemoveDuplicateAltNames(altNames *certutil.AltNames)

RemoveDuplicateAltNames removes duplicate items in altNames.

func WriteCert

func WriteCert(pkiPath, name string, cert *x509.Certificate) error

WriteCert stores the given certificate at the given location

func WriteCertAndKey

func WriteCertAndKey(pkiPath, pkiName string, ca *x509.Certificate, key *crypto.Signer) error

WriteCertAndKey Write certificate and key to file.

func WriteKey

func WriteKey(pkiPath, name string, key crypto.Signer) error

WriteKey stores the given key at the given location

Types

type CertsConfig

type CertsConfig struct {
	certutil.Config
	NotAfter           *time.Time
	PublicKeyAlgorithm x509.PublicKeyAlgorithm
}

CertsConfig is a wrapper around certutil.Config extending it with PublicKeyAlgorithm.

func NewCertConfig

func NewCertConfig(cn string, org []string, altNames certutil.AltNames, notAfter *time.Time) *CertsConfig

NewCertConfig create new CertConfig

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL