github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-17 15:50:10 +00:00
Code Issues Projects Releases Wiki Activity

Add subjectAltName to test serving certificates

Browse Source
This commit is contained in:
Jordan Liggitt 2020-07-23 15:50:07 -04:00
parent 04ecdb9eb6
commit acce8871d6
2 changed files with 63 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

117
staging/src/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy_test.go
View File

@ -775,65 +775,72 @@ lVVu0HK225ml5vsKZjdAUHwS/M6cTnQcN+YxfGWFy+6o9pG9L9hjfpNxXbB0iNsR
crX83p28+Mnq5TGs0Kbvr9lnCNe9bGrqbl85rBvKRFRoDlfB2feo5hk02Bpe crX83p28+Mnq5TGs0Kbvr9lnCNe9bGrqbl85rBvKRFRoDlfB2feo5hk02Bpe
-----END RSA PRIVATE KEY-----`) -----END RSA PRIVATE KEY-----`)
var backendCertificate = []byte(`-----BEGIN CERTIFICATE----- var backendCertificate = []byte(`-----BEGIN CERTIFICATE-----
MIICszCCAZsCCQDDGNgLmIQtOTANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAh0 MIIDiDCCAnCgAwIBAgIUJgFO0eypsogvehekMVrJ/eXj1MYwDQYJKoZIhvcNAQEL
ZXN0LWNhMjAeFw0yMDA1MzExMDAwMTRaFw0yMjA5MDMxMDAwMTRaMCQxIjAgBgNV BQAwXDELMAkGA1UEBhMCeHgxCjAIBgNVBAgMAXgxCjAIBgNVBAcMAXgxCjAIBgNV
BAMMGXRlc3Qtc2VydmljZTIudGVzdC1ucy5zdmMwggEiMA0GCSqGSIb3DQEBAQUA BAoMAXgxCjAIBgNVBAsMAXgxCzAJBgNVBAMMAmNhMRAwDgYJKoZIhvcNAQkBFgF4
A4IBDwAwggEKAoIBAQDFhy+tjaC7UcaHD0qqF8HOT22EUtUwaA0LQYHQtrbJVQb8 MB4XDTIwMDcyMzE5NTEwMFoXDTI1MDcyMjE5NTEwMFowJDEiMCAGA1UEAxMZdGVz
pGcqm2IdGr1MelSkXO39quhfVDrlXQQV4SVIUmBHMIDmcc9rYoQKutqR7ukaYlSd dC1zZXJ2aWNlMi50ZXN0LW5zLnN2YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
VqkQSTYRm10XeOp9qNmdXe/bq/DhP8Pc1JuISjBghmOEQGzI9SUw6aRfgXdixTOS AQoCggEBAPSmCdoH7RzBeGaGBGqBOV1I4Ex2Da2kUCPVeNfW3mPpJTUVi+QLwSDS
sL5gpVn6rnNJNGnN9RQPwAIzpp4xbe4UFOoEisHa5G5ohMIbA4bu8+CHLJzBHOww YTLnyw9tHRQgwV+rU1GTJSpcEk6CpiYdMavGnyH0C0iXKqXeJDfbU19ioUIInMxG
llw7iRUZvn+i1gHtlGVgWz/U01iL+g0vvoPNi8HpDO5OYlTO1jdRonr/LxS5sgIw OkfcL98fWgj/mih52zjBIh5f9Q7gCmzH6di4zXMQODTiDhrcjPzmMtMPvRJs+kol
wWTpMqItALzLPHZebTH1Y21+njPBE+MjYJZr9rnnAgMBAAEwDQYJKoZIhvcNAQEL 4Hh+tWH3s/hOeqiaWpw01UKis181SdEgX2uwNJYdHBbKF390vVIx/qpcFKUAw9to
BQADggEBAJWqT0XnBVGUjUUYRJUzyLfHe9L7KJ2gHgI8S+AyscQUi2meOwl3tqlZ CviyRMKv+DAK0jBoAsQVIU1Kt4reUrWyzonyO2wUrJmmFs997O04exkNlmFKa+bV
Z1bQNFKGQ17n0uKCfr5vknHNAH+Rme7wcQaOHozrRsfx5ktziIRjOSc2tE9cssXz cA8DtBhX4hTMKRFIAaYb4Kh5v5Pg0l0CAwEAAaN6MHgwDgYDVR0PAQH/BAQDAgWg
8rTu4RbfxgRgkHxvW4XNn6liB4BarzfANtg6OjftB2RSCZ5de+e9Q/zOgZD8KAjR MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFIe3
GD9mE7P/UnZFobNUehaAY3FHPiP+r2txpBPqqxLcsb/qv9rFQsz7OO++n5AN8fb+ Cry9ZA6zIWMvikdBZwBVprNzMCQGA1UdEQQdMBuCGXRlc3Qtc2VydmljZTIudGVz
wT/wiq1NdOVhyhncPnzdwJZxvOM3MtuXzN6UbqZ1ur/DxWYrhaiSWmWxCXWoQfde dC1ucy5zdmMwDQYJKoZIhvcNAQELBQADggEBACg/8So7bv3e2UxL6TDAK43IV7lR
Ijs5dRes3aVe33pMaDGTJ6QCEze2QxE= N+fIdkrxboiJY9XH7lPK4Cm7gNmxjzzlBeCbBRBNRrcbk4BoBRrDXMi2W13dtLE4
jmGPke7MFu6C9J26GrfiIchMyZAgFTGOucs1SOXr5hoaOnLkm9H3ZlkhWgIf/EUX
B4WEHdxKZCYTlUoPFsfcZ3vImo2zhelo5RyG+P8aACc1V7cSaDbZ6CHEdTsP2E70
9DKQHfkRr4MgrngoYiIZyj3IHK2kWnavLo0/XxBeoNVeenOrfmZAJ6QDSFAvTpMN
wWcx3Aj9jkGT+Cam2dvHFA+QaCni2uzOXlTyjLWwTjhc+Ml7FAL2Lc7U07c=
-----END CERTIFICATE-----`) -----END CERTIFICATE-----`)
var backendKey = []byte(`-----BEGIN RSA PRIVATE KEY----- var backendKey = []byte(`-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAxYcvrY2gu1HGhw9KqhfBzk9thFLVMGgNC0GB0La2yVUG/KRn MIIEpAIBAAKCAQEA9KYJ2gftHMF4ZoYEaoE5XUjgTHYNraRQI9V419beY+klNRWL
KptiHRq9THpUpFzt/aroX1Q65V0EFeElSFJgRzCA5nHPa2KECrrake7pGmJUnVap 5AvBINJhMufLD20dFCDBX6tTUZMlKlwSToKmJh0xq8afIfQLSJcqpd4kN9tTX2Kh
EEk2EZtdF3jqfajZnV3v26vw4T/D3NSbiEowYIZjhEBsyPUlMOmkX4F3YsUzkrC+ QgiczEY6R9wv3x9aCP+aKHnbOMEiHl/1DuAKbMfp2LjNcxA4NOIOGtyM/OYy0w+9
YKVZ+q5zSTRpzfUUD8ACM6aeMW3uFBTqBIrB2uRuaITCGwOG7vPghyycwRzsMJZc Emz6SiXgeH61Yfez+E56qJpanDTVQqKzXzVJ0SBfa7A0lh0cFsoXf3S9UjH+qlwU
O4kVGb5/otYB7ZRlYFs/1NNYi/oNL76DzYvB6QzuTmJUztY3UaJ6/y8UubICMMFk pQDD22gK+LJEwq/4MArSMGgCxBUhTUq3it5StbLOifI7bBSsmaYWz33s7Th7GQ2W
6TKiLQC8yzx2Xm0x9WNtfp4zwRPjI2CWa/a55wIDAQABAoIBAQCAqU2k/ltzqBBo YUpr5tVwDwO0GFfiFMwpEUgBphvgqHm/k+DSXQIDAQABAoIBAGzU2BkX4ZEjN85T
aM15fX//ojzztACpRx0397NW/6yP95JVfcC1QADodEJZTlVTujRKxsgVUAgM3kmK 2+8NIVmwK6eX9KnEKKpoMmPCABhuBNFCjoKaAAX70KV2m8x2+7KSh7NpYZ0uWiAn
9twR/5Y2yKEteXRhvgnD83HrHHM5fFMhKRF2SjmtvkUkxN34e8NDfax+qcB898vc 6TTnxcW6wvfpWa0fBU37gUtcMLxwYvxRwe7AKhBtRUvmVZ1qMwFBw3AyFSWANQ9S
S6ADZk+cj+zCeDRjsUpIUed/ThU1f5ftBUKnexVSWQpWzy1ceAFKmD3Qe+Up22AT HI/LdpfBrvNr8mk3U+mijifA6S8u0co/QwlHmh1fRzLruP6VrTIAVs67+JvkKMBw
SCWXxv8pYoghs2iyAYb7eQFD/+BBVeJykXWvdDfi0TzqNhGC28PZBuE9sMq/+Yhu O3hxF/ImTIR8YwlPx4ckP4OXSftLTYKFVxDZBHtxyT5ED5GLx7nCPossL9mRpAYU
uGd4BRlKaE6B+vqxsY5Ub3m/4kvSGo2HCL6GBiD1zwuTkyrcA/9y2bne/MWfFdj9 XLje+5K4UNoLSFu9SaSZbBUDqbsSUsyJTWX1J+AYEThPUywV9lVBBtUj8JKOQ9kr
2BBHKOYBAoGBAPPwkBVUbjWZ+rtcObxx32zUui+4wiN4srZgyQowwWH5eHfVr6T1 i+Nt8HkCgYEA9o0WH97Orn/iyxe6KgbIGKPS46tcFGYAIgNTMEaeegfBIrg7kah3
DYN/fktTs8vtAqv5tgaDEo58V1SyOINCvp2b4PsnAASs3MbJCLiGzxroyKzhgeBe NV84d/Im3lYShCjGrnuoOHY2Wz4/a0DCbf+bgJWB/ZHpE00z+gBjfPE94as7wxC2
gX+AY2ijwC/XGSZj94dK4dXBesza7CcWqJlP13Yp9DXnGPWFq/IOxulLAoGBAM9L TO4HYg5kiy3b1RKaXWvOBrQ5fpZvdYo5WjWweNF6rTCanVPH5g7fenMCgYEA/gZJ
NkBiM7T+K0tnpRAe1cM7oyIRYgv1XqkHG/DoPq6npgFLeI3Dc/HMV0gS12YfY1f1 THt54MJdUOTBR1GS3l3da4yYJPNgRAFBdp8FRc8u0CTYTfLo0oNFfJHu+F/Ph5dj
s5JbVIPKQPr9viTmDcau64aqpZqVZcOqQV38AskRJQSHr7ss5i5gzcNkefROmdIA VWxhA+as+4rqJi+w8KZCCp/8LKjlJKzcCpv93E2UxM7e6WTa7Z/TmLi97i8FI39c
2lYLrEt8H3PC1wkk8biOwEeXHnMhNCnBfUn7W0xVAoGACn4nhHNcRjv4WATQivWO 62B8XJTVW/IRTqojW0noY62FqYrIWZ8ymrWnO+8CgYBVp044ZD+JgARaajPSxehe
+bxwwcq9tw7jCQtCuoh8WP2FHAp6AqtzyFs8kHrqOfRY8BLOrJsIuk5I52C/I45E Jwvs7Gtg6s7BAka0TtRfsLH4TejkAZLoh9wmT4oRU/W61C+yDmOyud7IdCe0Kxtg
ar0gwUzdKFZTLM3K7T0HPY4Ty7PrhT4rbdOU8xRQGP60mz0jkZM8AZjP8m3cSJYl +5waX9Z5MWe3vOqBwADQNz84VzS73+J1d3w5JKbpc1UcAQp/yiQZUCNpRvoR66Nh
7GpNx0xor8TgAveb/M576d8CgYAwQ6fHB9ZYLtGvxdsFzNgik9EgzoFQnXnDyzbz I6XbU2s7H9eXMLQRyLj64QKBgQCSZfkUdQ0Wta2mE1A41BB6y0ny08JTeVf/mWGr
OW/WxIv/Qy43e6mUQ+qSimiCi45a3YdI7WDZKo9EoS3Tc4kDmJiYC0Vxn5VJIGwF BZa6Vt854iIvOlFoEXOYiVpaFo26LUt4Tc/Tubvz9GlhvJaS+p6RFQb2jhgRfPYL
0PZpEEfZLSp6XzLc24ctFkja3C4uWip73E3qaWT9VAEzTNnHCd21DXd2gOWfT0C3 vz8dGjElA7yAcjmiPTxrhf0gKkUh4iMhHChQCw6zwNyso21hDUU7PSQNRAiXbiJx
qAGS3QKBgQCTXOZFOyBYuHTuW6WivhE37BYjSTQv8ig45xMdmM8/tFKtum9oUWpk +0L4TQKBgQDyAry0K7dTbEmsacFpHsxqE/F0O2tmFE0WzrDkKkjVu38jshMhDu5D
rxkwaxSqpHF5WjsepakAWRrARpsxNa9m1A7u8s5Ui6GremS5d/IMi6W0rrarK4xn 1X179FWkKL6dYrFdig5SHBM2T3Yjha6VF7o1apYqj5HoVhS/mz80xXCqUBVrg88v
ktdTr3ZZVCFnQbkH5dIFGbn7gBCFntHSooPET+nqDBIZVkSBljY17w== aOz9qqvSZQDZYwbOfr/vLMvJMp4M5gWWdxgaqoteLo1dQU20cYwlqA==
-----END RSA PRIVATE KEY-----`) -----END RSA PRIVATE KEY-----`)
var backendCaCertificate = []byte(`-----BEGIN CERTIFICATE----- var backendCaCertificate = []byte(`-----BEGIN CERTIFICATE-----
MIICojCCAYoCCQD19rP3+torQjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAh0 MIIDNDCCAhwCCQD9J4txHjsBLTANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJ4
ZXN0LWNhMjAeFw0yMDA1MzEwOTU5NDFaFw0yNTA1MzAwOTU5NDFaMBMxETAPBgNV eDEKMAgGA1UECAwBeDEKMAgGA1UEBwwBeDEKMAgGA1UECgwBeDEKMAgGA1UECwwB
BAMMCHRlc3QtY2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTvF eDELMAkGA1UEAwwCY2ExEDAOBgkqhkiG9w0BCQEWAXgwHhcNMjAwNzIzMTk1NjA3
4u3OfiXSkJXQ899xqTSV43/U3YUZ+xg2wj8Mg1gOQ3TNW/LWNxErz9bvqZX0EPjx WhcNMjEwNzIzMTk1NjA3WjBcMQswCQYDVQQGEwJ4eDEKMAgGA1UECAwBeDEKMAgG
j7ilqmneDKSsNTqQ/4sYxo0h/ZA7AEux3+A2fk+P6KzOb++AiYctJxZuYI3OrB/4 A1UEBwwBeDEKMAgGA1UECgwBeDEKMAgGA1UECwwBeDELMAkGA1UEAwwCY2ExEDAO
seU9KO4nNYSVku6uH1nYCjzDTFWQDJuS/SLbPMc7jggywuhp65tlPR/nuL9G2V8t BgkqhkiG9w0BCQEWAXgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu
5nXV08B4wQ7IdhmequIUPpMtajgobtrDhxpLR3V36t1f57BHU0N/IWWF+kIZFf5F lMNXqY4D9EhgkDrKYcQD+Qai0rSWXSx2u28NCsQ36oR+J6UocSA1+0aFnZHo2s2P
7xwsgFBtyXYmjYlmfEwCRQvHNVdUfpp2wI040s7fZs3A64mKA+Xe61J/fJCKzAuC sRndP1/AqEELpYl4XtAqrDUrhgH0KuvlIIp0LLDGLoJaOvv89VnNyuqSg4KtkGNZ
mhATlL+SJ7xNVTsqeQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCd+Esl57Zy36cO leiEBOUk7vITQkWtt3+QNVZPx/lMWUjI8QCvtaVKNcd7C9P6HCTuSbfkkHUdLLwM
gHNEvoo2TOtRf8qhuJChxEabIYg2RkRID8s+SYQPlSZ0iWKOsYbT2qmOBubGwVJH Ud1zp6T/YHFxGGNtN0XDMapQJid4pfQF4vj89H5JT4GArOgUTEDfkVy7Go5/1F8I
r0DKGqYNRMEAMQYOwnvDJ4S+Bexj1zhBwS/PhdRL0gz7tAkzJOTyybFBHgOu+Xg5 X5sG9WbCLcClfPAHFZNM1igTMVEau0uF6wkL3UIBImyExFEwgN3HT88kIVN+tZSZ
bqeOuCUY8piUl/UiuULcrF6+BttQZwBWixfHMMuQzTAsnHTqMGOSqnhTdbnELUcr n7bEnx9uWQKExZNOwf6TAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAH5dU7u4+RRD
lOz+cVhXs4AWVCDOMXUKKNy1fQglqt/cMangLhrYj+//CKzimsgYHDHfaO2Uo7W+ C3nodTMJjd4UD7kdO2Stp9sLsPsbFhWQGpW10J0v+m7+ISgxOfbpNU9NI3dlDsCo
peBdV/d+f9YupxJoa83EilhIJtbj17csFxUloTRG2y9Xmf+jFdbz8H0+n0Pq7n38 h4sG4MYfJio28r7ohkbzgBc3xKpLKK54XvPFhmrUiHccJT0PV6F3MJyBCn1Bxdya
EyMJKLfk +phcQapwRda/ytrqV5Xf55Od1n9plPnl+eV89teBV8qpd/cufIiFPeO8zhHI3wfh
AUbPo2yBwdFXKZxLo5rR3yTlJBkRjfodHNTcJffio2fEzPQumP+qCkHWx37aR3kW
9iRvhus3UcCluc76CrV2XJvXzgbXjU0YBDqRmiShVCGm+eTftq1v9wDLRhgadxPu
RzFJLb91brg=
-----END CERTIFICATE-----`) -----END CERTIFICATE-----`)
var clientCaCrt = []byte(`-----BEGIN CERTIFICATE----- var clientCaCrt = []byte(`-----BEGIN CERTIFICATE-----
MIIFcDCCA1gCCQDgTBDe5gjLSDANBgkqhkiG9w0BAQsFADB6MQswCQYDVQQGEwJV MIIFcDCCA1gCCQDgTBDe5gjLSDANBgkqhkiG9w0BAQsFADB6MQswCQYDVQQGEwJV

1
test/e2e/apimachinery/certs.go
View File

@ -63,6 +63,7 @@ func setupServerCert(namespaceName, serviceName string) *certContext {
signedCert, err := utils.NewSignedCert( signedCert, err := utils.NewSignedCert(
&cert.Config{ &cert.Config{
CommonName: serviceName + "." + namespaceName + ".svc", CommonName: serviceName + "." + namespaceName + ".svc",
AltNames: cert.AltNames{DNSNames: []string{serviceName + "." + namespaceName + ".svc"}},
Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
}, },
key, signingCert, signingKey, key, signingCert, signingKey,