Documentation
¶
Overview ¶
cafiles can fetch CA certificate and private key PEM files from many storage backends. PEM encoded CA files can be fetched from local filesystem, AWS S3, or AWS Secrets Manager.
Index ¶
- func CreateServerCertificate(caCert *bifrost.Certificate, caKey *ecdsa.PrivateKey, validity time.Duration) (*bifrost.Certificate, *ecdsa.PrivateKey, error)
- func GetCertKey(ctx context.Context, certUri string, keyUri string) (*bifrost.Certificate, *ecdsa.PrivateKey, error)
- func GetCertificate(ctx context.Context, uri string) (*bifrost.Certificate, error)
- func GetPrivateKey(ctx context.Context, uri string) (*ecdsa.PrivateKey, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateServerCertificate ¶ added in v1.11.0
func CreateServerCertificate( caCert *bifrost.Certificate, caKey *ecdsa.PrivateKey, validity time.Duration, ) (*bifrost.Certificate, *ecdsa.PrivateKey, error)
CreateServerCertificate creates a TLS server certificate signed by the given CA. The certificate is valid for the given duration. If the duration is zero, the certificate is valid for one year.
func GetCertKey ¶ added in v1.11.0
func GetCertKey( ctx context.Context, certUri string, keyUri string, ) (*bifrost.Certificate, *ecdsa.PrivateKey, error)
GetCertKey returns a bifrost certificate and private key from certUri and keyUri.
func GetCertificate ¶
GetCertificate returns a namespace and a bifrost certificate from uri. uri can be a relative or absolute file path, file://... uri, s3://... uri, or an AWS S3 or AWS Secrets Manager ARN. The certificate is validated before returning.
func GetPrivateKey ¶
GetPrivateKey retrieves a PEM encoded private key from uri. uri can be one of a relative or absolute file path, file://... uri, s3://... uri, or an AWS S3 or AWS Secrets Manager ARN.
Types ¶
This section is empty.
Source Files