From 5aa4fef661d6fe8f493e2abdc71ed017a68a64a8 Mon Sep 17 00:00:00 2001
From: David Eads <deads@redhat.com>
Date: Mon, 9 Sep 2019 10:17:00 -0400
Subject: [PATCH] publish cluster authentication trust via controller

Kubernetes-commit: 7351c8686031b320f61c70fe065d3c039dda0a99
---
 util/cert/pem.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/util/cert/pem.go b/util/cert/pem.go
index 9185e2e2..c7751231 100644
--- a/util/cert/pem.go
+++ b/util/cert/pem.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cert
 
 import (
+	"bytes"
 	"crypto/x509"
 	"encoding/pem"
 	"errors"
@@ -59,3 +60,14 @@ func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error) {
 	}
 	return certs, nil
 }
+
+// EncodeCertificates returns the PEM-encoded byte array that represents by the specified certs.
+func EncodeCertificates(certs ...*x509.Certificate) ([]byte, error) {
+	b := bytes.Buffer{}
+	for _, cert := range certs {
+		if err := pem.Encode(&b, &pem.Block{Type: CertificateBlockType, Bytes: cert.Raw}); err != nil {
+			return []byte{}, err
+		}
+	}
+	return b.Bytes(), nil
+}