# Functions
CertToPem converts an x509.Certificate object to a pem string.
CSRToPem converts an x509.CertificateRequest to a pem string.
GenerateSelfSignedCertificate generates a key/cert pair defined by CertCfg.
GenerateSignedCertificate generate a key and cert defined by CertCfg and signed by CA.
PemToCertificate converts a data block to x509.Certificate.
PemToPrivateKey converts a data block to rsa.PrivateKey.
PrivateKey generates an RSA Private key and returns the value.
PrivateKeyToPem converts an rsa.PrivateKey object to pem string.
PublicKeyToPem converts an rsa.PublicKey object to pem string.
SelfSignedCertificate creates a self signed certificate.
SignedCertificate creates a new X.509 certificate based on a template.
# Constants
AppendParent indicates that the parent's cert should be added.
DoNotAppendParent indicates that the parent's cert should not be added.
ValidityOneDay sets the validity of a cert to 24 hours.
ValidityOneYear sets the validity of a cert to 1 year.
ValidityTenYears sets the validity of a cert to 10 years.
# Structs
AdminKubeConfigCABundle is the asset the generates the admin-kubeconfig-ca-bundle, which contains all the individual client CAs.
AdminKubeConfigClientCertKey is the asset that generates the key/cert pair for admin client to apiserver.
AdminKubeConfigSignerCertKey is a key/cert pair that signs the admin kubeconfig client certs.
AggregatorCA is the asset that generates the aggregator-ca key/cert pair.
AggregatorCABundle is the asset the generates the aggregator-ca-bundle, which contains all the individual client CAs.
AggregatorClientCertKey is the asset that generates the API server proxy key/cert pair.
AggregatorSignerCertKey is a key/cert pair that signs the aggregator client certs.
APIServerCertKey is the asset that generates the API server key/cert pair.
APIServerProxyCertKey is the asset that generates the API server proxy key/cert pair.
CertBundle contains a multiple certificates in a bundle.
CertCfg contains all needed fields to configure a new certificate.
CertKey contains the private key and the cert.
EtcdCA is the asset that generates the etcd-ca key/cert pair.
EtcdCABundle is the asset the generates the etcd-ca-bundle, which contains all the individual client CAs.
EtcdClientCertKey is the asset that generates the etcd client key/cert pair.
EtcdMetricCABundle is the asset the generates the etcd-metrics-ca-bundle, which contains all the individual client CAs.
EtcdMetricSignerCertKey is a key/cert pair that signs the etcd-metrics client and server certs.
EtcdMetricSignerClientCertKey is the asset that generates the etcd-metrics client key/cert pair.
EtcdSignerCertKey is a key/cert pair that signs the etcd client and peer certs.
EtcdSignerClientCertKey is the asset that generates the etcd client key/cert pair.
JournalCertKey is the asset that generates the key/cert pair that is used to authenticate with journal-gatewayd on the bootstrap node.
KeyPair contains a private key and a public key.
KubeAPIServerCompleteCABundle is the asset the generates the kube-apiserver-complete-server-ca-bundle, which contains all the certs that are valid to confirm the kube-apiserver identity.
KubeAPIServerCompleteClientCABundle is the asset the generates the kube-apiserver-complete-client-ca-bundle, which contains all the certs that are valid for the kube-apiserver to trust for clients.
KubeAPIServerLBCABundle is the asset the generates the kube-apiserver-lb-ca-bundle, which contains all the individual client CAs.
KubeAPIServerLBServerCertKey is the asset that generates the kube-apiserver serving key/cert pair for SNI load balancer.
KubeAPIServerLBSignerCertKey is a key/cert pair that signs the kube-apiserver server cert for SNI load balancer.
KubeAPIServerLocalhostCABundle is the asset the generates the kube-apiserver-localhost-ca-bundle, which contains all the individual client CAs.
KubeAPIServerLocalhostServerCertKey is the asset that generates the kube-apiserver serving key/cert pair for SNI localhost.
KubeAPIServerLocalhostSignerCertKey is a key/cert pair that signs the kube-apiserver server cert for SNI localhost.
KubeAPIServerServiceNetworkCABundle is the asset the generates the kube-apiserver-service-network-ca-bundle, which contains all the individual client CAs.
KubeAPIServerServiceNetworkServerCertKey is the asset that generates the kube-apiserver serving key/cert pair for SNI service network.
KubeAPIServerServiceNetworkSignerCertKey is a key/cert pair that signs the kube-apiserver server cert for SNI service network.
KubeAPIServerToKubeletCABundle is the asset the generates the kube-apiserver-to-kubelet-ca-bundle, which contains all the individual client CAs.
KubeAPIServerToKubeletClientCertKey is the asset that generates the kube-apiserver to kubelet client key/cert pair.
KubeAPIServerToKubeletSignerCertKey is a key/cert pair that signs the kube-apiserver to kubelet client certs.
KubeCA is the asset that generates the kube-ca key/cert pair.
KubeControlPlaneCABundle is the asset the generates the kube-control-plane-ca-bundle, which contains all the individual client CAs.
KubeControlPlaneKubeControllerManagerClientCertKey is the asset that generates the kube-controller-manger client key/cert pair.
KubeControlPlaneKubeSchedulerClientCertKey is the asset that generates the kube-scheduler client key/cert pair.
KubeControlPlaneSignerCertKey is a key/cert pair that signs the kube control-plane client certs.
KubeletBootstrapCABundle is the asset the generates the admin-kubeconfig-ca-bundle, which contains all the individual client CAs.
KubeletBootstrapCertSigner is a key/cert pair that signs the kubelet bootstrap kubeconfig client certs that the kubelet uses to create CSRs for it's real certificates.
KubeletClientCABundle is the asset the generates the kubelet-client-ca-bundle, which contains all the individual client CAs.
KubeletClientCertKey is the asset that generates the key/cert pair for kubelet client to apiserver.
KubeletCSRSignerCertKey is a key/cert pair that signs the kubelet client certs.
KubeletServingCABundle is the asset the generates the kubelet-serving-ca-bundle, which contains all the individual client CAs.
MCSCertKey is the asset that generates the MCS key/cert pair.
RootCA contains the private key and the cert that's self-signed as the root CA.
SelfSignedCertKey contains the private key and the cert that's self-signed.
ServiceAccountKeyPair is the asset that generates the service-account public/private key pair.
SignedCertKey contains the private key and the cert that's signed by the parent CA.
# Interfaces
CertInterface contains cert.
CertKeyInterface contains a private key and the associated cert.
KeyPairInterface contains a private key and a public key.
# Type aliases
AppendParentChoice dictates whether the parent's cert is to be added to the cert.