public static KubernetesClientConfiguration InClusterConfig() { if (!IsInCluster()) { var local = LocalClusterConfig(); if (local is null) { throw new KubeConfigException("unable to load in-cluster configuration token and ca.crt must exists, KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined"); } return(local); } var token = File.ReadAllText(Path.Combine(ServiceAccountPath, ServiceAccountTokenKeyFileName)); var rootCAFile = Path.Combine(ServiceAccountPath, ServiceAccountRootCAKeyFileName); var host = Environment.GetEnvironmentVariable("KUBERNETES_SERVICE_HOST"); var port = Environment.GetEnvironmentVariable("KUBERNETES_SERVICE_PORT"); return(new KubernetesClientConfiguration { Host = new UriBuilder("https", host, Convert.ToInt32(port)).ToString(), AccessToken = token, SslCaCerts = CertUtils.LoadPemFileCert(rootCAFile) }); }
public void InvalidBundleCert() { var caCert = CertUtils.LoadPemFileCert("assets/ca-bundle.crt"); var testCert = new X509Certificate2("assets/ca2.crt"); var chain = new X509Chain(); var errors = SslPolicyErrors.RemoteCertificateChainErrors; var result = Kubernetes.CertificateValidationCallBack(this, caCert, testCert, chain, errors); Assert.False(result); }
public void LoadPemWithMultiCert() { var certCollection = CertUtils.LoadPemFileCert("assets/ca-bundle.crt"); var intermediateCert = new X509Certificate2("assets/ca-bundle-intermediate.crt"); var rootCert = new X509Certificate2("assets/ca-bundle-root.crt"); Assert.Equal(2, certCollection.Count); Assert.True(certCollection[0].RawData.SequenceEqual(intermediateCert.RawData)); Assert.True(certCollection[1].RawData.SequenceEqual(rootCert.RawData)); }
public void ValidBundleCert() { var caCert = CertUtils.LoadPemFileCert("assets/ca-bundle.crt"); // Load the intermediate cert // var testCert = caCert[0]; var chain = new X509Chain(); var errors = SslPolicyErrors.RemoteCertificateChainErrors; var result = Kubernetes.CertificateValidationCallBack(this, caCert, testCert, chain, errors); Assert.True(result); }
public void LoadPemWithMultiCert() { var cert = CertUtils.LoadPemFileCert("assets/ca3.crt"); Assert.NotNull(cert.PublicKey); }