Documentation
Overview
Package ca contains functions to manage lifecycle of TLS CA.
This CA is required to generate TLS certificates for hostnames on the fly. It uses a self-signed certificate and its private key (or, if you prefer, certificates you provide yourself) to generate ad-hoc TLS certificates for the given hosts.
The certificates are generated in a deterministic way derived from your CA private key, so please keep it secret.
To generate your own set of CA certificate and private key, please use the following command line:
openssl req -x509 -newkey rsa:1024 -keyout private-key.pem -out ca.crt -days 3650 -nodes
The file ca.crt will contain the CA certificate, and private-key.pem the CA private key.
Index
Constants
const DefaultMaxSize = 1024
DefaultMaxSize defines the default number of TLS certificates to keep in the LRU cache.
const RSAKeyLength = 2048
RSAKeyLength defines the length of the RSA key to generate.
Variables
var (
	DefaultTLSConfig = &tls.Config{
		InsecureSkipVerify: true,
	}
)
Functions
This section is empty.
Types
type CA
type CA struct {
// contains filtered or unexported fields
}
CA is a data structure that represents a TLS CA (certificate authority). The main purpose of this type is to generate TLS certificates on the fly, using the given CA certificate and private key.
CA generates certificates concurrently, but in a thread-safe way. The number of certificates generated concurrently is equal to the number of CPUs.
type CertificateMetrics
type CertificateMetrics interface {
	NewCertificate()
	DropCertificate()
}
CertificateMetrics is a subset of the main Metrics interface that provides callbacks for certificate events.