openshift
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/client-expired.pem
+11 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/client-expired.pem
+11
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/client-valid.pem
+11 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/client-valid.pem
+11
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/client.config.json
+24 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/client.config.json
+24
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/client.csr.json
+3 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/client.csr.json
+3
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/generate.sh
+24 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/generate.sh
+24
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/intermediate.config.json
+18 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/intermediate.config.json
+18
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/intermediate.csr.json
+6 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/intermediate.csr.json
+6
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/intermediate.pem
+11 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/intermediate.pem
+11
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/root.csr.json
+6 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/root.csr.json
+6
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/root.pem
+11 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/testdata/root.pem
+11
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/x509.go
+19-13 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/x509.go
+19-13
diff --git a/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/x509_test.go
+36 b/‎Godeps/_workspace/src/k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/x509/x509_test.go
+36
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/client-expired.pem
+11 b/‎pkg/auth/authenticator/request/x509request/testdata/client-expired.pem
+11
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/client-valid.pem
+11 b/‎pkg/auth/authenticator/request/x509request/testdata/client-valid.pem
+11
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/client.config.json
+24 b/‎pkg/auth/authenticator/request/x509request/testdata/client.config.json
+24
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/client.csr.json
+3 b/‎pkg/auth/authenticator/request/x509request/testdata/client.csr.json
+3
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/generate.sh
+10 b/‎pkg/auth/authenticator/request/x509request/testdata/generate.sh
+10
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/intermediate.config.json
+18 b/‎pkg/auth/authenticator/request/x509request/testdata/intermediate.config.json
+18
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/intermediate.csr.json
+6 b/‎pkg/auth/authenticator/request/x509request/testdata/intermediate.csr.json
+6
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/intermediate.pem
+11 b/‎pkg/auth/authenticator/request/x509request/testdata/intermediate.pem
+11
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/root.csr.json
+6 b/‎pkg/auth/authenticator/request/x509request/testdata/root.csr.json
+6
diff --git a/‎pkg/auth/authenticator/request/x509request/testdata/root.pem
+11 b/‎pkg/auth/authenticator/request/x509request/testdata/root.pem
+11
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBpTCCAUugAwIBAgIUPV4LAC5KK8YWY1FegyTuhkGUr3EwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAxMPSW50ZXJtZWRpYXRlLUNBMB4XDTkwMTIzMTIzNTkwMFoXDTkw
+MTIzMTIzNTkwMFowFDESMBAGA1UEAxMJTXkgQ2xpZW50MFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEyYUnseNUN87rfHgekrfZu5sj4wlt5LYr3JYZZkfSbsb+BW3/
+RzX02ifjp+8w7mI4qUGg6y6J7oXHGFT3uj9kj6N1MHMwDgYDVR0PAQH/BAQDAgWg
+MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFKsX
+EnXwDg8j2LIEM1QzmFrE6537MB8GA1UdIwQYMBaAFF+p0JcY31pz+mjNZnjv0Gum
+92vZMAoGCCqGSM49BAMCA0gAMEUCIG4FBcb57oqOCoaFiJ+Yx6S0zkaash7bTv3V
+CIy9JvFdAiEAy8bf2S9EkvZyURZ6ycgEMnekll57Ebze6rjlPx8+B1Y=
+-----END CERTIFICATE-----
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBqDCCAU2gAwIBAgIUfbqeieihh/oERbfvRm38XvS/xHAwCgYIKoZIzj0EAwIw
+GjEYMBYGA1UEAxMPSW50ZXJtZWRpYXRlLUNBMCAXDTE2MTAxMTA1MDYwMFoYDzIx
+MTYwOTE3MDUwNjAwWjAUMRIwEAYDVQQDEwlNeSBDbGllbnQwWTATBgcqhkjOPQIB
+BggqhkjOPQMBBwNCAARv6N4R/sjMR65iMFGNLN1GC/vd7WhDW6J4X/iAjkRLLnNb
+KbRG/AtOUZ+7upJ3BWIRKYbOabbQGQe2BbKFiap4o3UwczAOBgNVHQ8BAf8EBAMC
+BaAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
+K/pZOWpNcYai6eHFpmJEeFpeQlEwHwYDVR0jBBgwFoAUX6nQlxjfWnP6aM1meO/Q
+a6b3a9kwCgYIKoZIzj0EAwIDSQAwRgIhAIWTKw/sjJITqeuNzJDAKU4xo1zL+xJ5
+MnVCuBwfwDXCAiEAw/1TA+CjPq9JC5ek1ifR0FybTURjeQqYkKpve1dveps=
+-----END CERTIFICATE-----
@@ -0,0 +1,24 @@
+{
+    "signing": {
+        "profiles": {
+            "valid": {
+                "expiry": "876000h",
+                "usages": [
+                    "signing",
+                    "key encipherment",
+                    "client auth"
+                ]
+            },
+            "expired": {
+                "expiry": "1h",
+                "not_before": "1990-12-31T23:59:00Z",
+                "not_after": "1990-12-31T23:59:00Z",
+                "usages": [
+                    "signing",
+                    "key encipherment",
+                    "client auth"
+                ]
+            }
+        }
+    }
+}
@@ -0,0 +1,3 @@
+{
+    "CN": "My Client"
+}
@@ -0,0 +1,10 @@
+#!/usr/bin/env bash
+
+cfssl gencert -initca root.csr.json | cfssljson -bare root
+
+cfssl gencert -initca intermediate.csr.json | cfssljson -bare intermediate
+cfssl sign -ca root.pem -ca-key root-key.pem -config intermediate.config.json intermediate.csr | cfssljson -bare intermediate
+
+cfssl gencert -ca intermediate.pem -ca-key intermediate-key.pem -config client.config.json --profile=valid   client.csr.json | cfssljson -bare client-valid
+cfssl gencert -ca intermediate.pem -ca-key intermediate-key.pem -config client.config.json --profile=expired client.csr.json | cfssljson -bare client-expired
+ 
@@ -0,0 +1,18 @@
+{
+    "signing": {
+        "default": {
+            "usages": [
+                "digital signature",
+                "cert sign",
+                "crl sign",
+                "signing",
+                "key encipherment",
+                "client auth"
+            ],
+            "expiry": "876000h",
+            "ca_constraint": {
+                "is_ca": true
+            }
+        }
+    }
+}
@@ -0,0 +1,6 @@
+{
+    "CN": "Intermediate-CA",
+    "ca": {
+        "expiry": "876000h"
+    }
+}
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBqDCCAU6gAwIBAgIUfqZtjoFgczZ+oQZbEC/BDSS2J6wwCgYIKoZIzj0EAwIw
+EjEQMA4GA1UEAxMHUm9vdC1DQTAgFw0xNjEwMTEwNTA2MDBaGA8yMTE2MDkxNzA1
+MDYwMFowGjEYMBYGA1UEAxMPSW50ZXJtZWRpYXRlLUNBMFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEyWHEMMCctJg8Xa5YWLqaCPbk3MjB+uvXac42JM9pj4k9jedD
+kpUJRkWIPzgJI8Zk/3cSzluUTixP6JBSDKtwwaN4MHYwDgYDVR0PAQH/BAQDAgGm
+MBMGA1UdJQQMMAoGCCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
+FF+p0JcY31pz+mjNZnjv0Gum92vZMB8GA1UdIwQYMBaAFB7P6+i4/pfNjqZgJv/b
+dgA7Fe4tMAoGCCqGSM49BAMCA0gAMEUCIQCTT1YWQZaAqfQ2oBxzOkJE2BqLFxhz
+3smQlrZ5gCHddwIgcvT7puhYOzAgcvMn9+SZ1JOyZ7edODjshCVCRnuHK2c=
+-----END CERTIFICATE-----
@@ -0,0 +1,6 @@
+{
+    "CN": "Root-CA",
+    "ca": {
+        "expiry": "876000h"
+    }
+}
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBizCCATGgAwIBAgIUH4plk9qwD61FVXgiOTngFU5FeSkwCgYIKoZIzj0EAwIw
+EjEQMA4GA1UEAxMHUm9vdC1DQTAgFw0xNjEwMTEwNTA2MDBaGA8yMTE2MDkxNzA1
+MDYwMFowEjEQMA4GA1UEAxMHUm9vdC1DQTBZMBMGByqGSM49AgEGCCqGSM49AwEH
+A0IABI2CsrAnMGT8P2VGU2MLo5pv86Z74kcV9hgkLJUkSaeNyc1s89w7X5V2wvwu
+iWEJRGm5RoZJausmyZLZEoKEVXejYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB
+Af8EBTADAQH/MB0GA1UdDgQWBBQez+vouP6XzY6mYCb/23YAOxXuLTAfBgNVHSME
+GDAWgBQez+vouP6XzY6mYCb/23YAOxXuLTAKBggqhkjOPQQDAgNIADBFAiBGclts
+vJRM+QMVoV/1L9b+hvhgLIp/OupUFsSOReefIwIhALY06hBklyh8eFwuBtyX2VcE
+8xlVn4/5idUvc3Xv2h9s
+-----END CERTIFICATE-----