CertOrKeyExist returns a boolean whether the cert or the key exists.

CSROrKeyExist returns true if one of the CSR or key exists.

EncodeCertBundlePEM returns PEM-encoded certificate bundle.

EncodeCertPEM returns PEM-encoded certificate data.

EncodeCSRPEM returns PEM-encoded CSR data.

EncodePublicKeyPEM returns PEM-encoded public data.

GeneratePrivateKey is the default function for generating private keys.

GetAPIServerAltNames builds an AltNames object for to be used when generating apiserver certificate.

GetEtcdAltNames builds an AltNames object for generating the etcd server certificate.

GetEtcdPeerAltNames builds an AltNames object for generating the etcd peer certificate.

HasServerAuth returns true if the given certificate is a ServerAuth.

NewCertAndKey creates new certificate and key by passing the certificate authority certificate and key.

NewCertificateAuthority creates new certificate and private key for the certificate authority.

NewCSR creates a new CSR.

NewCSRAndKey generates a new key and CSR and that could be signed to create the given certificate.

NewIntermediateCertificateAuthority creates new certificate and private key for an intermediate certificate authority.

NewSelfSignedCACert creates a new self-signed CA certificate.

NewSignedCert creates a signed certificate using the given CA certificate and key.

PathsForCertAndKey returns the paths for the certificate and key given the path and basename.

RemoveDuplicateAltNames removes duplicate items in altNames.

TryLoadCertAndKeyFromDisk tries to load a cert and a key from the disk and validates that they are valid.

TryLoadCertChainFromDisk tries to load the cert chain from the disk.

TryLoadCertFromDisk tries to load the cert from the disk.

TryLoadKeyFromDisk tries to load the key from the disk and validates that it is valid.

TryLoadPrivatePublicKeyFromDisk tries to load the key from the disk and validates that it is valid.

ValidateCertPeriod checks if the certificate is valid relative to the current time (+/- offset).

VerifyCertChain verifies that a certificate has a valid chain of intermediate CAs back to the root CA.

WriteCert stores the given certificate at the given location.

WriteCertAndKey stores certificate and key at the specified location.

WriteCertBundle stores the given certificate bundle at the given location.

WriteCSR writes the pem-encoded CSR data to csrPath.

WriteKey stores the given key at the given location.

WritePublicKey stores the given public key at the given location.

CertificateBlockType is a possible value for pem.Block.Type.

PublicKeyBlockType is a possible value for pem.Block.Type.

NewPrivateKey returns a new private key.

CertConfig is a wrapper around certutil.Config extending it with EncryptionAlgorithm.