ca

package
v0.0.0-...-fb9e8e8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 27, 2016 License: MPL-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertificateAuthorityImpl

type CertificateAuthorityImpl struct {
	SA        core.StorageAuthority
	PA        core.PolicyAuthority
	Publisher core.Publisher
	// contains filtered or unexported fields
}

CertificateAuthorityImpl represents a CA that signs certificates, CRLs, and OCSP responses.

func NewCertificateAuthorityImpl

func NewCertificateAuthorityImpl(
	config cmd.CAConfig,
	clk clock.Clock,
	stats statsd.Statter,
	issuer *x509.Certificate,
	privateKey crypto.Signer,
	keyPolicy core.KeyPolicy,
) (*CertificateAuthorityImpl, error)

NewCertificateAuthorityImpl creates a CA that talks to a remote CFSSL instance. (To use a local signer, simply instantiate CertificateAuthorityImpl directly.) Communications with the CA are authenticated with MACs, using CFSSL's authenticated signature scheme. A CA created in this way issues for a single profile on the remote signer, which is indicated by name in this constructor.

func (*CertificateAuthorityImpl) GenerateOCSP

func (ca *CertificateAuthorityImpl) GenerateOCSP(xferObj core.OCSPSigningRequest) ([]byte, error)

GenerateOCSP produces a new OCSP response and returns it

func (*CertificateAuthorityImpl) IssueCertificate

func (ca *CertificateAuthorityImpl) IssueCertificate(csr x509.CertificateRequest, regID int64) (core.Certificate, error)

IssueCertificate attempts to convert a CSR into a signed Certificate, while enforcing all policies. Names (domains) in the CertificateRequest will be lowercased before storage.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL