Documentation ¶
Index ¶
- Constants
- func DataPlaneRoutingName(routingId string) string
- func DataPlaneUserName(namespace string) string
- func ParseCert(certPemBytes []byte, privateKeyPemBytes []byte) (*x509.Certificate, *rsa.PrivateKey, error)
- func ValidateCert(cert *x509.Certificate, rotationThreshold time.Duration) error
- type KeyPair
- func CreateCACerts(ctx context.Context, expirationInterval time.Duration) (*KeyPair, error)
- func CreateCert(ctx context.Context, caKey *rsa.PrivateKey, caCertificate *x509.Certificate, ...) (*KeyPair, error)
- func CreateControlPlaneCert(ctx context.Context, caKey *rsa.PrivateKey, caCertificate *x509.Certificate, ...) (*KeyPair, error) (deprecated)
- func CreateDataPlaneCert(ctx context.Context, caKey *rsa.PrivateKey, caCertificate *x509.Certificate, ...) (*KeyPair, error) (deprecated)
- func NewKeyPair(privateKey *pem.Block, cert *pem.Block) *KeyPair
Constants ¶
// Names used for the certificates and for the entries that store them.
const (
	// Organization is the organization string; LegacyFakeDnsName is built from it.
	Organization = "knative.dev"

	// LegacyFakeDnsName is "data-plane." followed by Organization.
	LegacyFakeDnsName = "data-plane." + Organization

	// FakeDnsName aliases LegacyFakeDnsName; the original listing marks it
	// as deprecated.
	FakeDnsName = LegacyFakeDnsName

	// ControlPlaneName is the name used for the control plane.
	ControlPlaneName = "kn-control"

	// Key names chosen to match cert-manager's output formats, see
	// https://cert-manager.io/docs/usage/certificate/#additional-certificate-output-formats
	// NOTE(review): presumably these are data keys of a Kubernetes Secret, in
	// which case the entry under PrivateKeyName holds private key material
	// and access to it should be restricted accordingly; confirm against callers.
	CaCertName     = "ca.crt"
	CertName       = "tls.crt"
	PrivateKeyName = "tls.key"

	// Older key names, kept until the new names above are fully adopted;
	// expected to be deprecated at some point after that.
	SecretCaCertKey = "ca-cert.pem"
	SecretCertKey   = "public-cert.pem"
	SecretPKKey     = "private-key.pem"
)
Variables ¶
This section is empty.
Functions ¶
func DataPlaneRoutingName ¶
DataPlaneRoutingName constructs a SAN (Subject Alternative Name) for a data-plane-routing certificate. It accepts a routingId, a unique identifier used as part of the SAN; when an empty routingId is provided, the default "0" is used.
func DataPlaneUserName ¶
DataPlaneUserName constructs a SAN (Subject Alternative Name) for a data-plane-user certificate. It accepts a namespace, the namespace for which the certificate was created.
func ParseCert ¶
func ParseCert(certPemBytes []byte, privateKeyPemBytes []byte) (*x509.Certificate, *rsa.PrivateKey, error)
ParseCert parses a certificate/private key pair from serialized PEM blocks.
func ValidateCert ¶
func ValidateCert(cert *x509.Certificate, rotationThreshold time.Duration) error
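ValidateCert checks the expiration of the certificate. As described, this is an expiry check only; verification of the issuing chain or of the certificate's SANs is not mentioned here and should not be assumed.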
Types ¶
type KeyPair ¶
type KeyPair struct {
// contains filtered or unexported fields
}
func CreateCACerts ¶
CreateCACerts generates the root CA cert
func CreateCert ¶
func CreateCert(ctx context.Context, caKey *rsa.PrivateKey, caCertificate *x509.Certificate, expirationInterval time.Duration, sans ...string) (*KeyPair, error)
CreateCert generates the certificate for use by client and server
func CreateControlPlaneCert
deprecated
func CreateControlPlaneCert(ctx context.Context, caKey *rsa.PrivateKey, caCertificate *x509.Certificate, expirationInterval time.Duration) (*KeyPair, error)
Deprecated: CreateControlPlaneCert generates the certificate for the client
func CreateDataPlaneCert
deprecated
func CreateDataPlaneCert(ctx context.Context, caKey *rsa.PrivateKey, caCertificate *x509.Certificate, expirationInterval time.Duration) (*KeyPair, error)
Deprecated: CreateDataPlaneCert generates the certificate for the server
func (*KeyPair) Parse ¶
func (kh *KeyPair) Parse() (*x509.Certificate, *rsa.PrivateKey, error)