package io.linkerd.proxy.identity

Get desktop application:
View/edit binary Protocol Buffers messages

• rpc Certify (CertifyRequest, CertifyResponse)

  identity.proto:17

  Requests that a time-bounded certificate be signed. The requester must provide a token that verifies the client's identity and a Certificate Signing Request that adheres to the service naming rules. Errors are returned when the provided request is invalid or when authentication cannot be performed.

  message CertifyRequest

  identity.proto:20

  • string identity = 1

  • bytes token = 2

    Proof of the requester's identity. In Kubernetes, for instance, this is the contents of a service account token.

  • bytes certificate_signing_request = 3

    A PEM-encoded x509 Certificate Signing Request.

  message CertifyResponse

  identity.proto:33

  • bytes leaf_certificate = 1

    A PEM-encoded x509 Certificate.

  • repeated bytes intermediate_certificates = 2

    A list of PEM-encoded x509 Certificates that establish the trust chain between the leaf_certificate and the well-known trust anchors.

  • optional google.protobuf.Timestamp valid_until = 3