Documentation
¶
Index ¶
Constants ¶
View Source
const ( // SignerLifetime is the default lifetime for the signer cert SignerLifetime = 48 * time.Hour // SignerRefresh is the default refresh time for the signer cert SignerRefresh = 24 * time.Hour // ServerLifetime is the default lifetime for the server cert ServerLifetime = 24 * time.Hour // ServerRefresh is the default refresh time for the server cert ServerRefresh = 12 * time.Hour // ClientLifetime is the default lifetime for the client cert ClientLifetime = 24 * time.Hour // ClientRefresh is the default refresh time for the client cert ClientRefresh = 12 * time.Hour )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertificateConfig ¶ added in v1.29.0
CertificateConfig contains cert configuration data
type CertificateDefinition ¶
type CertificateDefinition struct {
// configurable by user
Configurable bool
// current CA key/cert
SignerSecret *corev1.Secret
SignerConfig CertificateConfig
// all valid CA certs
CertBundleConfigmap *corev1.ConfigMap
// current key/cert for target
TargetSecret *corev1.Secret
TargetConfig CertificateConfig
// only one of the following should be set
// contains target key/cert for server
TargetService *string
// contains target user name
TargetUser *string
}
CertificateDefinition contains the data required to create/manage certtificate chains
func CreateCertificateDefinitions ¶
func CreateCertificateDefinitions(args *FactoryArgs) []CertificateDefinition
CreateCertificateDefinitions creates certificate definitions
type FactoryArgs ¶
type FactoryArgs struct {
Namespace string
SignerDuration *time.Duration
// Duration to subtract from cert NotAfter value
SignerRenewBefore *time.Duration
ServerDuration *time.Duration
// Duration to subtract from cert NotAfter value
ServerRenewBefore *time.Duration
ClientDuration *time.Duration
// Duration to subtract from cert NotAfter value
ClientRenewBefore *time.Duration
}
FactoryArgs contains the required parameters to generate certs
Source Files
Click to show internal directories.
Click to hide internal directories.