Documentation ¶
Overview ¶
Package extensions defines cryptographic extensions for OpenShift. This package contains x509 extension object identifier constants and helpers for generating certificates on an OpenShift cluster.
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // RedHatOID is the IANA assigned ObjectIdentifier for Red Hat Inc. RedHatOID = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 2312} // OpenShiftOID is the Red Hat assigned OID arc for OpenShift. OpenShiftOID = oid(RedHatOID, 17) )
View Source
var ( // OpenShiftServerSigningOID is the OpenShift assigned OID arc for certificates signed by the OpenShift server. OpenShiftServerSigningOID = oid(OpenShiftOID, 100) // OpenShiftServerSigningServiceOID describes the IANA arc for extensions to server certificates generated by the // OpenShift service signing mechanism. All elements in this arc should only be used when signing server certificates // for use under a service. OpenShiftServerSigningServiceOID = oid(OpenShiftServerSigningOID, 2) // OpenShiftServerSigningServiceUIDOID is an x509 extension that is applied to server certificates generated for services // representing the UID of the service this certificate was generated for. This value is not guaranteed to match the // current service UID if the certificates are in the process of being rotated out. The value MUST be an ASN.1 // PrintableString or UTF8String. OpenShiftServerSigningServiceUIDOID = oid(OpenShiftServerSigningServiceOID, 1) )
Functions ¶
func ServiceServerCertificateExtensionV1 ¶
func ServiceServerCertificateExtensionV1(svc *kapiv1.Service) crypto.CertificateExtensionFunc
ServiceServerCertificateExtensionV1 returns a CertificateExtensionFunc that will add the service UID as an x509 v3 extension to the server certificate.
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.