certs

package
v0.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 11, 2023 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertPair

type CertPair struct {
	Key  crypto.Signer
	Cert *x509.Certificate
}

CertPair is a private key and certificate for use for client auth, as a CA, or serving.

func (CertPair) AsBytes

func (k CertPair) AsBytes() (cert []byte, key []byte, err error)

AsBytes encodes keypair in the appropriate formats for on-disk storage (PEM and PKCS8, respectively).

func (CertPair) CertBytes

func (k CertPair) CertBytes() []byte

CertBytes returns the PEM-encoded version of the certificate for this pair.

type ClientInfo

type ClientInfo struct {
	// Name is the user name (embedded as the cert's CommonName)
	Name string
	// Groups are the groups to which this user belongs (embedded as the cert's
	// Organization)
	Groups []string
}

ClientInfo describes some Kubernetes user for the purposes of creating client certificates.

type TinyCA

type TinyCA struct {
	CA CertPair
	// contains filtered or unexported fields
}

TinyCA supports signing serving certs and client-certs, and can be used as an auth mechanism with envtest.

func NewTinyCA

func NewTinyCA() (*TinyCA, error)

NewTinyCA creates a new a tiny CA utility for provisioning serving certs and client certs FOR TESTING ONLY. Don't use this for anything else!

func (*TinyCA) NewClientCert

func (c *TinyCA) NewClientCert(user ClientInfo) (CertPair, error)

NewClientCert produces a new CertPair suitable for use with Kubernetes client cert auth with an API server validating based on this CA.

func (*TinyCA) NewServingCert

func (c *TinyCA) NewServingCert(names []string, additionalDNSNames []string) (CertPair, error)

NewServingCert returns a new CertPair for a serving HTTPS on localhost (or other specified names).

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL