Documentation
¶
Overview ¶
Package extensions defines cryptographic extensions for OpenShift. This package contains x509 extension object identifier constants and helpers for generating certificates on an OpenShift cluster.
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var (
// RedHatOID is the IANA assigned ObjectIdentifier for Red Hat Inc.
RedHatOID = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 2312}
// OpenShiftOID is the Red Hat assigned OID arc for OpenShift.
OpenShiftOID = oid(RedHatOID, 17)
)
View Source
var (
// OpenShiftServerSigningOID is the OpenShift assigned OID arc for certificates signed by the OpenShift server.
OpenShiftServerSigningOID = oid(OpenShiftOID, 100)
// OpenShiftServerSigningServiceOID describes the IANA arc for extensions to server certificates generated by the
// OpenShift service signing mechanism. All elements in this arc should only be used when signing server certificates
// for use under a service.
OpenShiftServerSigningServiceOID = oid(OpenShiftServerSigningOID, 2)
// OpenShiftServerSigningServiceUIDOID is an x509 extension that is applied to server certificates generated for services
// representing the UID of the service this certificate was generated for. This value is not guaranteed to match the
// current service UID if the certificates are in the process of being rotated out. The value MUST be an ASN.1
// PrintableString or UTF8String.
OpenShiftServerSigningServiceUIDOID = oid(OpenShiftServerSigningServiceOID, 1)
)
Functions ¶
func ServiceServerCertificateExtensionV1 ¶
func ServiceServerCertificateExtensionV1(svc *kapiv1.Service) crypto.CertificateExtensionFunc
ServiceServerCertificateExtensionV1 returns a CertificateExtensionFunc that will add the service UID as an x509 v3 extension to the server certificate.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.