Documentation ¶
Overview ¶
Package generator implements the HTTP handlers for certificate generation.
Index ¶
- Constants
- func CSRValidate(req *csr.CertificateRequest) error
- func NewCertGeneratorHandler(validator Validator, caFile, caKeyFile string, policy *config.Signing) (http.Handler, error)
- func NewCertGeneratorHandlerFromSigner(validator Validator, signer signer.Signer) http.Handler
- func NewHandler(validator Validator) (http.Handler, error)
- type CertGeneratorHandler
- type CertRequest
- type Handler
- type Sum
- type Validator
Constants ¶
const ( // CSRNoHostMessage is used to alert the user to a certificate lacking a hosts field. CSRNoHostMessage = `` /* 313-byte string literal not displayed */ // NoBundlerMessage is used to alert the user that the server does not have a bundler initialized. NoBundlerMessage = `This request requires a bundler, but one is not initialized for the API server.` )
Variables ¶
This section is empty.
Functions ¶
func CSRValidate ¶
func CSRValidate(req *csr.CertificateRequest) error
CSRValidate does nothing and will never return an error. It exists because NewHandler requires a Validator as a parameter.
func NewCertGeneratorHandler ¶
func NewCertGeneratorHandler(validator Validator, caFile, caKeyFile string, policy *config.Signing) (http.Handler, error)
NewCertGeneratorHandler builds a new handler for generating certificates directly from certificate requests; the validator covers the certificate request and the CA's key and certificate are used to sign the generated request. If remote is not an empty string, the handler will send signature requests to the CFSSL instance contained in remote.
func NewCertGeneratorHandlerFromSigner ¶
NewCertGeneratorHandlerFromSigner returns a handler directly from the signer and validation function.
Types ¶
type CertGeneratorHandler ¶
type CertGeneratorHandler struct {
// contains filtered or unexported fields
}
A CertGeneratorHandler accepts JSON-encoded certificate requests and returns a new private key and signed certificate; it handles sending the CSR to the server.
func (*CertGeneratorHandler) Handle ¶
func (cg *CertGeneratorHandler) Handle(w http.ResponseWriter, r *http.Request) error
Handle responds to requests for the CA to generate a new private key and certificate on behalf of the client. The format for these requests is documented in the API documentation.
func (*CertGeneratorHandler) SetBundler ¶
func (cg *CertGeneratorHandler) SetBundler(caBundleFile, intBundleFile string) (err error)
SetBundler allows injecting an optional Bundler into the CertGeneratorHandler.
type CertRequest ¶
type CertRequest struct { Key string `json:"private_key"` CSR string `json:"certificate_request"` Sums map[string]Sum `json:"sums"` }
A CertRequest stores a PEM-encoded private key and corresponding CSR; this is returned from the CSR generation endpoint.
type Handler ¶
type Handler struct {
// contains filtered or unexported fields
}
A Handler accepts JSON-encoded certificate requests and returns a new private key and certificate request.
type Validator ¶
type Validator func(*csr.CertificateRequest) error
Validator is a type of function that contains the logic for validating a certificate request.