(cn string)
| 70 | } |
| 71 | |
| 72 | func (p *pkiClient) RotateCertificate(cn string) (*pki.CertPem, error) { |
| 73 | key := genStoKey(cn) |
| 74 | cert := &pki.CertPem{} |
| 75 | err := p.sto.Get(key, cert) |
| 76 | if err != nil { |
| 77 | return nil, errors.Trace(err) |
| 78 | } |
| 79 | err = p.RevokeCertificate(cn) |
| 80 | if err != nil { |
| 81 | return nil, errors.Trace(err) |
| 82 | } |
| 83 | certInfo, err := pki.ParseCertificates(cert.Crt) |
| 84 | if err != nil { |
| 85 | return nil, errors.Trace(err) |
| 86 | } |
| 87 | if len(certInfo) != 1 { |
| 88 | return nil, errors.Trace(errors.Errorf("rotate certificate error")) |
| 89 | } |
| 90 | |
| 91 | alt := AltNames{ |
| 92 | DNSNames: certInfo[0].DNSNames, |
| 93 | IPs: certInfo[0].IPAddresses, |
| 94 | Emails: certInfo[0].EmailAddresses, |
| 95 | URIs: certInfo[0].URIs, |
| 96 | } |
| 97 | return p.IssueCertificate(certInfo[0].Subject.CommonName, alt) |
| 98 | } |
| 99 | |
| 100 | func (p *pkiClient) genSelfSignedCACertificate() error { |
| 101 | cn := fmt.Sprintf("%s.%s", os.Getenv(sync.EnvKeyNodeNamespace), os.Getenv(sync.EnvKeyNodeName)) |
nothing calls this directly
no test coverage detected