certs

package
v0.0.0-...-fc29aca
Warning

This package is not in the latest version of its module.

Published: Mar 13, 2024 License: UPL-1.0 Imports: 14 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var (
	// SerialNumberLimit is the maximum number used as a certificate serial number
	SerialNumberLimit = new(big.Int).Lsh(big.NewInt(1), 128)
)

Functions

func CanReuseCA

func CanReuseCA(ca *CA, expirationSafetyMargin time.Duration) bool

func CertIsValid

func CertIsValid(cert x509.Certificate, expirationSafetyMargin time.Duration) bool

func RotateIn

func RotateIn(now time.Time, certExpiration time.Time, certRotateBefore time.Duration) time.Duration

RotateIn determines when a cert should be rotated.

Types

type CA

type CA struct {
	// PrivateKey is the CA private key
	PrivateKey *rsa.PrivateKey
	// Cert is the certificate used to issue new certificates
	Cert *x509.Certificate
}

CA is a simple certificate authority

func BuildCAFromSecret

func BuildCAFromSecret(caInternalSecret corev1.Secret) *CA

BuildCAFromSecret parses the given secret into a CA. It returns nil if the secret could not be parsed into a CA.

func CreateSelfSignedCA

func CreateSelfSignedCA() (*CA, error)

func (*CA) PopulateSecret

func (c *CA) PopulateSecret(secret *corev1.Secret)

func (*CA) ShouldRenew

func (c *CA) ShouldRenew(rotateBefore time.Duration) bool

type WebhookCertificates

type WebhookCertificates struct {
	CaCert     []byte
	ServerKey  []byte
	ServerCert []byte
}

WebhookCertificates holds the artifacts used by the webhook server and the webhook configuration.
