Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewIstioConfig ¶
NewIstioConfig creates an extensions configuration for Istio, using the given system namespace in the DNS SANs.
Types ¶
type Intermediate ¶
type Intermediate struct {
KeyFile string
ConfFile string
CSRFile string
CertFile string
Root Root
}
IntermediateCA is an intermediate CA for a single cluster.
func NewIntermediate ¶
func NewIntermediate(workDir, config string, root Root) (Intermediate, error)
NewIntermediate creates a new intermediate CA for the given cluster.
func (Intermediate) NewIstioCASecret ¶
func (ca Intermediate) NewIstioCASecret() (*corev1.Secret, error)
NewIstioCASecret creates a secret (named "cacerts") containing the intermediate certificate and cert chain. If available when Istio starts, this will be used instead of Istio's autogenerated self-signed root (istio-ca-secret). This can be used in a multicluster environment in order to establish a common root of trust between the clusters.
type Root ¶
type Root struct {
// KeyFile is the path to the file containing the private key for the CA.
KeyFile string
// ConfFile is the path to the file containing the extensions configuration file.
ConfFile string
// CSRFile used to generate the cert.
CSRFile string
// CertFile the cert for the root CA.
CertFile string
}
Root contains the cryptographic files for a self-signed root CA.
Source Files
Click to show internal directories.
Click to hide internal directories.