IsStatic returns true if the Secret has an attribute indicating that it contains a static (aka user-provided) certificate, which should not be modified.

Deprecated: Use LoadCertsChain instead as it supports intermediate CAs.

Deprecated: Use LoadOrGenCAChain instead as it supports intermediate CAs.

Marshal returns the given cert and key as byte slices.

MarshalChain returns given key and certificates as byte slices.

NeedsUpdate returns true if any of the CNs are not currently present on the secret's Certificate, as recorded in the cnPrefix annotations.

NewPrivateKey returnes a new ECDSA key.