MCPcopy
hub / github.com/baetyl/baetyl / RotateCertificate

Method RotateCertificate

security/pki.go:72–98  ·  view source on GitHub ↗
(cn string)

Source from the content-addressed store, hash-verified

70}
71
72func (p *pkiClient) RotateCertificate(cn string) (*pki.CertPem, error) {
73 key := genStoKey(cn)
74 cert := &pki.CertPem{}
75 err := p.sto.Get(key, cert)
76 if err != nil {
77 return nil, errors.Trace(err)
78 }
79 err = p.RevokeCertificate(cn)
80 if err != nil {
81 return nil, errors.Trace(err)
82 }
83 certInfo, err := pki.ParseCertificates(cert.Crt)
84 if err != nil {
85 return nil, errors.Trace(err)
86 }
87 if len(certInfo) != 1 {
88 return nil, errors.Trace(errors.Errorf("rotate certificate error"))
89 }
90
91 alt := AltNames{
92 DNSNames: certInfo[0].DNSNames,
93 IPs: certInfo[0].IPAddresses,
94 Emails: certInfo[0].EmailAddresses,
95 URIs: certInfo[0].URIs,
96 }
97 return p.IssueCertificate(certInfo[0].Subject.CommonName, alt)
98}
99
100func (p *pkiClient) genSelfSignedCACertificate() error {
101 cn := fmt.Sprintf("%s.%s", os.Getenv(sync.EnvKeyNodeNamespace), os.Getenv(sync.EnvKeyNodeName))

Callers

nothing calls this directly

Calls 4

RevokeCertificateMethod · 0.95
IssueCertificateMethod · 0.95
genStoKeyFunction · 0.85
GetMethod · 0.65

Tested by

no test coverage detected