nebula

History

John Maguire 34d002d695 Check CA cert and key match in nebula-cert sign (#503 ) `func (nc *NebulaCertificate) VerifyPrivateKey(key []byte) error` would previously return an error even if passed the correct private key for a CA certificate `nc`. That function has been updated to support CA certificates, and nebula-cert now calls it before signing a new certificate. Previously, it would perform all constraint checks against the CA certificate provided, take a SHA256 fingerprint of the provided certificate, insert it into the new node certificate, and then finally sign it with the mismatching private key provided.		2021-10-01 12:43:33 -04:00
..
Makefile	IPv6 support for outside (udp) (#369 )	2021-03-18 20:37:24 -05:00
README.md	Public Release	2019-11-19 17:00:20 +00:00
ca.go	Use inclusive terminology for cert blocking (#272 )	2020-08-06 11:17:47 +10:00
cert.go	Check CA cert and key match in nebula-cert sign (#503 )	2021-10-01 12:43:33 -04:00
cert.pb.go	IPv6 support for outside (udp) (#369 )	2021-03-18 20:37:24 -05:00
cert.proto	IPv6 support for outside (udp) (#369 )	2021-03-18 20:37:24 -05:00
cert_test.go	Check CA cert and key match in nebula-cert sign (#503 )	2021-10-01 12:43:33 -04:00

`cert`

This is a library for interacting with nebula style certificates and authorities.

A protobuf definition of the certificate format is also included

Make sure you have protoc installed.

To compile for go with the same version of protobuf specified in go.mod:

make