mirror of
https://github.com/docker/docs.git
synced 2026-03-29 23:38:56 +07:00
3c6335c572
Add explicit startTime and endTime parameters to cryptoservice.GenerateCertificate and trustmanager.NewCertificate. trustmanager.NewCertificate as a low-level data manipulation function should not be hard-coding policy (10-year expiration); that policy belongs to its callers, or one more level higher to callers of cryptoservice.GenerateCertificate. These places hard-coding policy now also have an explict comment to that effect. In addition to conceptual cleanliness, this will allow writing tests of certificate expiry by generating appropriate expired or nearly-expired certificates. Tests which don't care about the policy much will continue to use the just added cryptoservice.GenerateTestingCertificate. Signed-off-by: Miloslav Trmač <mitr@redhat.com>