Documentation ¶
Overview ¶
Copyright © 2021 NAME HERE <EMAIL ADDRESS>
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- Variables
- func EncodeCertPEM(cert *x509.Certificate) []byte
- func GeneratePrivateKey(keyType x509.PublicKeyAlgorithm) (crypto.Signer, error)
- func NewCACertAndKey() (*x509.Certificate, *crypto.Signer, error)
- func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, config *CertConfig) (*x509.Certificate, crypto.Signer, error)
- func NewCertificateAuthority(config *CertConfig) (*x509.Certificate, crypto.Signer, error)
- func NewSignedCert(cfg *CertConfig, key crypto.Signer, caCert *x509.Certificate, ...) (*x509.Certificate, error)
- func RemoveDuplicateAltNames(altNames *certutil.AltNames)
- func WriteCert(pkiPath, name string, cert *x509.Certificate) error
- func WriteCertAndKey(pkiPath, pkiName string, ca *x509.Certificate, key *crypto.Signer) error
- func WriteKey(pkiPath, name string, key crypto.Signer) error
- type CertAndKeyFileName
- type CertConfig
- type Config
Constants ¶
const (
// CertificateBlockType is a possible value for pem.Block.Type.
CertificateBlockType = "CERTIFICATE"
)
Variables ¶
var NewPrivateKey = GeneratePrivateKey
NewPrivateKey returns a new private key.
Functions ¶
func EncodeCertPEM ¶
func EncodeCertPEM(cert *x509.Certificate) []byte
EncodeCertPEM returns PEM-endcoded certificate data
func GeneratePrivateKey ¶
func GeneratePrivateKey(keyType x509.PublicKeyAlgorithm) (crypto.Signer, error)
func NewCACertAndKey ¶
func NewCACertAndKey() (*x509.Certificate, *crypto.Signer, error)
NewCACertAndKey The public and private keys of the root certificate are returned
func NewCertAndKey ¶
func NewCertAndKey(caCert *x509.Certificate, caKey crypto.Signer, config *CertConfig) (*x509.Certificate, crypto.Signer, error)
NewCertAndKey creates new certificate and key by passing the certificate authority certificate and key
func NewCertificateAuthority ¶
func NewCertificateAuthority(config *CertConfig) (*x509.Certificate, crypto.Signer, error)
NewCertificateAuthority creates new certificate and private key for the certificate authority
func NewSignedCert ¶
func NewSignedCert(cfg *CertConfig, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer, isCA bool) (*x509.Certificate, error)
NewSignedCert creates a signed certificate using the given CA certificate and key
func RemoveDuplicateAltNames ¶
RemoveDuplicateAltNames removes duplicate items in altNames.
func WriteCert ¶
func WriteCert(pkiPath, name string, cert *x509.Certificate) error
WriteCert stores the given certificate at the given location
func WriteCertAndKey ¶
WriteCertAndKey Write certificate and key to file.
Types ¶
type CertAndKeyFileName ¶
type CertAndKeyFileName struct { CACertFileName string CAKeyFileName string EtcdServerCertFileName string EtcdServerKeyFileName string EtcdClientCertFileName string EtcdClientKeFileName string KArmadaCertFileName string KArmadaKeyFileName string ALLCertFileName []string ALLKeyFileName []string }
CertAndKeyFileName is generate certificate and key file name
type CertConfig ¶
type CertConfig struct { certutil.Config NotAfter *time.Time PublicKeyAlgorithm x509.PublicKeyAlgorithm }
CertConfig is a wrapper around certutil.Config extending it with PublicKeyAlgorithm.
type Config ¶
type Config struct { PkiPath string Namespace string EtcdStatefulSetName string EtcdServiceName string EtcdReplicas int32 KArmadaMasterIP []net.IP KArmadaApiServerServiceName string KArmadaWebhookServiceName string FlagsExternalIP string }
Config certificate information
func (*Config) CertificateGeneration ¶
func (c *Config) CertificateGeneration() (*CertAndKeyFileName, error)
Create CA certificate and sign etcd karma certificate.