Documentation
Constants
const CADirURL = "https://acme-v02.api.letsencrypt.org/directory"
const DefaultRenewAt = 30
DefaultRenewAt is the number of days before expiration at which a cert should be renewed.
Variables
var ErrInvalidDomains = errors.New("invalid domains")
var ErrInvalidEmail = errors.New("email required")
Functions
func ValidDomains
ValidDomains validates that the passed set of domains includes only valid domains (i.e., example.com or *.example.com). It returns a bool indicating whether ALL of them are valid.
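An added example, not this package's own code: one way a check like ValidDomains could be written with the standard library alone, accepting a wildcard only as the whole leftmost label. The names validLabel, validDomain and allValidDomains are hypothetical, rejecting an empty set is an assumption, and only hostname syntax is checked.

```go
package main

import (
	"fmt"
	"strings"
)

// validLabel: 1-63 bytes of a-z, 0-9 or '-', with no leading or trailing '-'.
func validLabel(s string) bool {
	if len(s) < 1 || len(s) > 63 || s[0] == '-' || s[len(s)-1] == '-' {
		return false
	}
	for i := 0; i < len(s); i++ {
		c := s[i]
		if !(c >= 'a' && c <= 'z' || c >= '0' && c <= '9' || c == '-') {
			return false
		}
	}
	return true
}

// validDomain (hypothetical helper) accepts example.com or *.example.com;
// "*" is allowed only as the entire leftmost label.
func validDomain(d string) bool {
	d = strings.TrimPrefix(strings.ToLower(d), "*.")
	labels := strings.Split(d, ".")
	if len(d) > 253 || len(labels) < 2 {
		return false // too long, or a bare label such as "com" or "*"
	}
	for _, l := range labels {
		if !validLabel(l) {
			return false
		}
	}
	return true
}

// allValidDomains is true only for a non-empty set whose entries are all valid.
func allValidDomains(domains []string) bool {
	for _, d := range domains {
		if !validDomain(d) {
			return false
		}
	}
	return len(domains) > 0 // assumption: an empty set is rejected
}

func main() {
	fmt.Println(allValidDomains([]string{"example.com", "*.example.com"})) // constructed input
}
```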
Types
type Certificate
type Certificate struct {
	ID     string
	Secret string
	// Domains is a list of domains valid for this certificate.
	Domains []string
	// Main domain for "Common Name" field of cert.
	CommonName string
	// Let's Encrypt CertURL
	CertURL string
	// Let's Encrypt StableCertURL
	CertStableURL     string
	PrivateKey        []byte
	Certificate       []byte
	IssuerCertificate []byte
	// Has this cert been issued yet?
	Issued bool
	// NotAfter
	Expiry time.Time
	// RenewAt specifies the number of days before expiration a cert should be
	// renewed by.
	RenewAt   int
	LastError error
	ModTime   time.Time

	ACMEEmail        string
	ACMERegistration *registration.Resource
	ACMEKey          *ecdsa.PrivateKey
}
func NewCertificate
func NewCertificate(domains []string, email string) (*Certificate, error)
NewCertificate sets up everything needed for Lego to move forward with cert issuance and renewal, and generates a unique ID and a cryptographically secure secret.
func (*Certificate) GetEmail
func (c *Certificate) GetEmail() string
GetEmail is needed to implement the User interface for Lego Clients.
func (*Certificate) GetPrivateKey
func (c *Certificate) GetPrivateKey() crypto.PrivateKey
GetPrivateKey is needed to implement the User interface for Lego Clients.
func (*Certificate) GetRegistration
func (c *Certificate) GetRegistration() *registration.Resource
GetRegistration is needed to implement the User interface for Lego Clients.
type ChallengeConfig
type ChallengeConfig struct {
	// AuthEmail is the Cloudflare account email
	AuthEmail string
	// AuthKey is the API key to use to then retrieve a Cloudflare API token.
	AuthKey string
}
ChallengeConfig provides all necessary information for a Cloudflare DNS Challenge provider.
type Config
type Config struct {
	// If JWTSecret is ever invalid, we generate a new one randomly.
	JWTSecret *auth.JWTSecret
	// SuperAdmin is the username of the SA account. If this is "" we allow
	// generation of a new one from the superadmin endpoint. (first time running)
	SuperAdmin string
	SessionKey []byte
}
Config holds all the necessary application level configuration items.
type User
type User struct {
	Name string
	Role string // RBAC role
	Hash string // Will always be an encoding of a password hash
}
User is a system user for the webapp.
func (User) ComparePasswordAndHash
ComparePasswordAndHash takes a password as input and compares the password hashes to determine whether the user should be authenticated.
func (*User) SetPassword
SetPassword takes a plaintext password and stores the hash of it in the object.