pkiutil

package
v1.13.0-alpha.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 31, 2018 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CertOrKeyExist

func CertOrKeyExist(pkiPath, name string) bool

CertOrKeyExist returns a boolean whether the cert or the key exists

func GetAPIServerAltNames added in v1.10.0

func GetAPIServerAltNames(cfg *kubeadmapi.InitConfiguration) (*certutil.AltNames, error)

GetAPIServerAltNames builds an AltNames object for to be used when generating apiserver certificate

func GetEtcdAltNames added in v1.10.0

func GetEtcdAltNames(cfg *kubeadmapi.InitConfiguration) (*certutil.AltNames, error)

GetEtcdAltNames builds an AltNames object for generating the etcd server certificate. `advertise address` and localhost are included in the SAN since this is the interfaces the etcd static pod listens on. The user can override the listen address with `Etcd.ExtraArgs` and add SANs with `Etcd.ServerCertSANs`.

func GetEtcdPeerAltNames added in v1.10.0

func GetEtcdPeerAltNames(cfg *kubeadmapi.InitConfiguration) (*certutil.AltNames, error)

GetEtcdPeerAltNames builds an AltNames object for generating the etcd peer certificate. Hostname and `API.AdvertiseAddress` are included if the user chooses to promote the single node etcd cluster into a multi-node one (stacked etcd). The user can override the listen address with `Etcd.ExtraArgs` and add SANs with `Etcd.PeerCertSANs`.

func HasServerAuth added in v1.8.0

func HasServerAuth(cert *x509.Certificate) bool

HasServerAuth returns true if the given certificate is a ServerAuth

func NewCertAndKey

func NewCertAndKey(caCert *x509.Certificate, caKey *rsa.PrivateKey, config *certutil.Config) (*x509.Certificate, *rsa.PrivateKey, error)

NewCertAndKey creates new certificate and key by passing the certificate authority certificate and key

func NewCertificateAuthority

func NewCertificateAuthority(config *certutil.Config) (*x509.Certificate, *rsa.PrivateKey, error)

NewCertificateAuthority creates new certificate and private key for the certificate authority

func PathsForCertAndKey added in v1.12.0

func PathsForCertAndKey(pkiPath, name string) (string, string)

PathsForCertAndKey returns the paths for the certificate and key given the path and basename.

func TryLoadCertAndKeyFromDisk

func TryLoadCertAndKeyFromDisk(pkiPath, name string) (*x509.Certificate, *rsa.PrivateKey, error)

TryLoadCertAndKeyFromDisk tries to load a cert and a key from the disk and validates that they are valid

func TryLoadCertFromDisk

func TryLoadCertFromDisk(pkiPath, name string) (*x509.Certificate, error)

TryLoadCertFromDisk tries to load the cert from the disk and validates that it is valid

func TryLoadKeyFromDisk

func TryLoadKeyFromDisk(pkiPath, name string) (*rsa.PrivateKey, error)

TryLoadKeyFromDisk tries to load the key from the disk and validates that it is valid

func TryLoadPrivatePublicKeyFromDisk added in v1.8.0

func TryLoadPrivatePublicKeyFromDisk(pkiPath, name string) (*rsa.PrivateKey, *rsa.PublicKey, error)

TryLoadPrivatePublicKeyFromDisk tries to load the key from the disk and validates that it is valid

func WriteCert

func WriteCert(pkiPath, name string, cert *x509.Certificate) error

WriteCert stores the given certificate at the given location

func WriteCertAndKey

func WriteCertAndKey(pkiPath string, name string, cert *x509.Certificate, key *rsa.PrivateKey) error

WriteCertAndKey stores certificate and key at the specified location

func WriteKey

func WriteKey(pkiPath, name string, key *rsa.PrivateKey) error

WriteKey stores the given key at the given location

func WritePublicKey

func WritePublicKey(pkiPath, name string, key *rsa.PublicKey) error

WritePublicKey stores the given public key at the given location

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL