ca

package
v0.0.0-...-2ff2f1e Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 3, 2025 License: Apache-2.0 Imports: 7 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewIstioConfig

func NewIstioConfig(systemNamespace string) (string, error)

NewIstioConfig creates an extensions configuration for Istio, using the given system namespace in the DNS SANs.

Types

type Intermediate

type Intermediate struct {
	KeyFile  string
	ConfFile string
	CSRFile  string
	CertFile string
	Root     Root
}

IntermediateCA is an intermediate CA for a single cluster.

func NewIntermediate

func NewIntermediate(workDir, config string, root Root) (Intermediate, error)

NewIntermediate creates a new intermediate CA for the given cluster.

func (Intermediate) NewIstioCASecret

func (ca Intermediate) NewIstioCASecret() (*corev1.Secret, error)

NewIstioCASecret creates a secret (named "cacerts") containing the intermediate certificate and cert chain. If available when Istio starts, this will be used instead of Istio's autogenerated self-signed root (istio-ca-secret). This can be used in a multicluster environment in order to establish a common root of trust between the clusters.

type Root

type Root struct {
	// KeyFile is the path to the file containing the private key for the CA.
	KeyFile string

	// ConfFile is the path to the file containing the extensions configuration file.
	ConfFile string

	// CSRFile used to generate the cert.
	CSRFile string

	// CertFile the cert for the root CA.
	CertFile string
}

Root contains the cryptographic files for a self-signed root CA.

func NewRoot

func NewRoot(workDir string) (Root, error)

NewRoot generates the files for a new self-signed Root CA files under the given directory.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL