certificate

package

v1.9.1 Latest Latest Go to latest Published: Dec 23, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubermatic/kubeone

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CAKeyPair(config *configupload.Configuration) (*rsa.PrivateKey, *x509.Certificate, error)
func DownloadKubePKI(s *state.State, _ *kubeoneapi.HostConfig, _ executor.Interface) error
func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)
func GetCertificateSANs(host string, alternativeNames []string) []string
func NewPrivateKey() (*rsa.PrivateKey, error)
func NewSignedCert(cfg *certutil.Config, key crypto.Signer, caCert *x509.Certificate, ...) (*x509.Certificate, error)
func NewSignedKubernetesServiceTLSCert(name, namespace, domain string, caKey crypto.Signer, caCert *x509.Certificate) (map[string]string, error)
func UploadKubePKI(s *state.State, _ *kubeoneapi.HostConfig, _ executor.Interface) error

Constants ¶

View Source

const (
	KubernetesCACertPath = "/etc/kubernetes/pki/ca.crt"
	KubernetesCAKeyPath  = "/etc/kubernetes/pki/ca.key"
)

View Source

const (
	// PrivateKeyBlockType is a possible value for pem.Block.Type.
	PrivateKeyBlockType = "PRIVATE KEY"
	// PublicKeyBlockType is a possible value for pem.Block.Type.
	PublicKeyBlockType = "PUBLIC KEY"
	// CertificateBlockType is a possible value for pem.Block.Type.
	CertificateBlockType = "CERTIFICATE"
	// RSAPrivateKeyBlockType is a possible value for pem.Block.Type.
	RSAPrivateKeyBlockType = "RSA PRIVATE KEY"
)

Variables ¶

This section is empty.

Functions ¶

func CAKeyPair ¶

func CAKeyPair(config *configupload.Configuration) (*rsa.PrivateKey, *x509.Certificate, error)

CAKeyPair parses generated PKI CA certificate and key

func DownloadKubePKI ¶ added in v1.3.0

func DownloadKubePKI(s *state.State, _ *kubeoneapi.HostConfig, _ executor.Interface) error

func EncodePublicKeyPEM ¶ added in v1.0.0

func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)

EncodePublicKeyPEM returns PEM-encoded public data

func GetCertificateSANs ¶ added in v1.4.0

func GetCertificateSANs(host string, alternativeNames []string) []string

GetCertificateSANs combines host name and subject alternative names into a list of SANs after transformation

func NewPrivateKey ¶ added in v1.0.0

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key

func NewSignedCert ¶ added in v1.0.0

func NewSignedCert(cfg *certutil.Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer, notAfter time.Time) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func NewSignedKubernetesServiceTLSCert ¶ added in v1.9.0

func NewSignedKubernetesServiceTLSCert(name, namespace, domain string, caKey crypto.Signer, caCert *x509.Certificate) (map[string]string, error)

func UploadKubePKI ¶ added in v1.3.0

func UploadKubePKI(s *state.State, _ *kubeoneapi.HostConfig, _ executor.Interface) error

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cabundle

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL