Documentation ¶
Index ¶
- func CanReadCertOrKey(certPath, keyPath string) bool
- func EncodeCertPEM(cert *x509.Certificate) []byte
- func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
- func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)
- func FormatBytesCert(cert []byte) (string, error)
- func FormatCert(c *x509.Certificate) string
- func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error)
- func MakeCSR(privateKey interface{}, subject *pkix.Name, dnsSANs []string, ipSANs []net.IP) (csr []byte, err error)
- func MakeEllipticPrivateKeyPEM() ([]byte, error)
- func NewPool(filename string) (*x509.CertPool, error)
- func NewPrivateKey() (*rsa.PrivateKey, error)
- func NewSelfSignedCACert(cfg Config, key *rsa.PrivateKey) (*x509.Certificate, error)
- func NewSignedCert(cfg Config, key *rsa.PrivateKey, caCert *x509.Certificate, ...) (*x509.Certificate, error)
- func ParseCSR(obj *certificates.CertificateSigningRequest) (*x509.CertificateRequest, error)
- func ParseCSRV1alpha1(obj *v1alpha1.CertificateSigningRequest) (*x509.CertificateRequest, error)
- func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)
- func ParsePrivateKeyPEM(keyData []byte) (interface{}, error)
- func WriteCert(certPath string, data []byte) error
- func WriteKey(keyPath string, data []byte) error
- type AltNames
- type Config
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CanReadCertOrKey ¶
CanReadCertOrKey returns true if the certificate or key files already exists, otherwise returns false.
func EncodeCertPEM ¶
func EncodeCertPEM(cert *x509.Certificate) []byte
EncodeCertPEM returns PEM-endcoded certificate data
func EncodePrivateKeyPEM ¶
func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
EncodePrivateKeyPEM returns PEM-encoded private key data
func EncodePublicKeyPEM ¶
EncodePublicKeyPEM returns PEM-endcode public data
func FormatBytesCert ¶
FormatBytesCert receives byte array certificate and formats in human-readable format
func FormatCert ¶
func FormatCert(c *x509.Certificate) string
FormatCert receives certificate and formats in human-readable format
func GenerateSelfSignedCertKey ¶
func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error)
GenerateSelfSignedCertKey creates a self-signed certificate and key for the given host. Host may be an IP or a DNS name You may also specify additional subject alt names (either ip or dns names) for the certificate
func MakeCSR ¶
func MakeCSR(privateKey interface{}, subject *pkix.Name, dnsSANs []string, ipSANs []net.IP) (csr []byte, err error)
MakeCSR generates a PEM-encoded CSR using the supplied private key, subject, and SANs. All key types that are implemented via crypto.Signer are supported (This includes *rsa.PrivateKey and *ecdsa.PrivateKey.)
func MakeEllipticPrivateKeyPEM ¶
MakeEllipticPrivateKeyPEM creates an ECDSA private key
func NewPool ¶
NewPool returns an x509.CertPool containing the certificates in the given PEM-encoded file. Returns an error if the file could not be read, a certificate could not be parsed, or if the file does not contain any certificates
func NewPrivateKey ¶
func NewPrivateKey() (*rsa.PrivateKey, error)
NewPrivateKey creates an RSA private key
func NewSelfSignedCACert ¶
func NewSelfSignedCACert(cfg Config, key *rsa.PrivateKey) (*x509.Certificate, error)
NewSelfSignedCACert creates a CA certificate
func NewSignedCert ¶
func NewSignedCert(cfg Config, key *rsa.PrivateKey, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*x509.Certificate, error)
NewSignedCert creates a signed certificate using the given CA certificate and key
func ParseCSR ¶
func ParseCSR(obj *certificates.CertificateSigningRequest) (*x509.CertificateRequest, error)
ParseCSR extracts the CSR from the API object and decodes it.
func ParseCSRV1alpha1 ¶
func ParseCSRV1alpha1(obj *v1alpha1.CertificateSigningRequest) (*x509.CertificateRequest, error)
ParseCSRV1alpha1 extracts the CSR from the API object and decodes it.
func ParseCertsPEM ¶
func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)
ParseCertsPEM returns the x509.Certificates contained in the given PEM-encoded byte array Returns an error if a certificate could not be parsed, or if the data does not contain any certificates
func ParsePrivateKeyPEM ¶
ParsePrivateKeyPEM returns a private key parsed from a PEM block in the supplied data. Recognizes PEM blocks for "EC PRIVATE KEY" and "RSA PRIVATE KEY"
func WriteCert ¶
WriteCert writes the pem-encoded certificate data to certPath. The certificate file will be created with file mode 0644. If the certificate file already exists, it will be overwritten. The parent directory of the certPath will be created as needed with file mode 0755.