rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-09-18 08:06:20 +00:00
Code Issues Releases Wiki Activity

process pem file with multiple certs when ca contains a chain ( root and sub ca ) and push pem file with chain to nodes instead of only first cert in pem file

Browse Source
This commit is contained in:
Chaudhry, Faisal
2021-11-11 18:42:48 -05:00
parent 1ae89e56c3
commit 38de6f0782
3 changed files with 202 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
pki/cert/pem.go
View File

@@ -23,6 +23,7 @@ import (
"encoding/pem"
"errors"
"fmt"
"strings"
)
const (
@@ -62,7 +63,7 @@ func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte {
return pem.EncodeToMemory(&block)
}
// EncodeCertPEM returns PEM-endcoded certificate data
// EncodeCertPEM returns PEM-encoded certificate data
func EncodeCertPEM(cert *x509.Certificate) []byte {
block := pem.Block{
Type: CertificateBlockType,
@@ -71,6 +72,15 @@ func EncodeCertPEM(cert *x509.Certificate) []byte {
return pem.EncodeToMemory(&block)
}
// EncodeCertsPEM returns PEM-encoded certificate data for multiple certs
func EncodeCertsPEM(certs []*x509.Certificate) string {
var pemList []string
for _, c := range certs {
pemList = append(pemList, string(EncodeCertPEM(c)))
}
return strings.Join(pemList, "\n")
}
// ParsePrivateKeyPEM returns a private key parsed from a PEM block in the supplied data.
// Recognizes PEM blocks for "EC PRIVATE KEY", "RSA PRIVATE KEY", or "PRIVATE KEY"
func ParsePrivateKeyPEM(keyData []byte) (interface{}, error) {