Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertificateAuthorityImpl ¶
type CertificateAuthorityImpl struct { SA core.StorageAuthority PA core.PolicyAuthority Publisher core.Publisher // contains filtered or unexported fields }
CertificateAuthorityImpl represents a CA that signs certificates, CRLs, and OCSP responses.
func NewCertificateAuthorityImpl ¶
func NewCertificateAuthorityImpl( config cmd.CAConfig, clk clock.Clock, stats statsd.Statter, issuer *x509.Certificate, privateKey crypto.Signer, keyPolicy core.KeyPolicy, ) (*CertificateAuthorityImpl, error)
NewCertificateAuthorityImpl creates a CA that talks to a remote CFSSL instance. (To use a local signer, simply instantiate CertificateAuthorityImpl directly.) Communications with the CA are authenticated with MACs, using CFSSL's authenticated signature scheme. A CA created in this way issues for a single profile on the remote signer, which is indicated by name in this constructor.
func (*CertificateAuthorityImpl) GenerateOCSP ¶
func (ca *CertificateAuthorityImpl) GenerateOCSP(xferObj core.OCSPSigningRequest) ([]byte, error)
GenerateOCSP produces a new OCSP response and returns it
func (*CertificateAuthorityImpl) IssueCertificate ¶
func (ca *CertificateAuthorityImpl) IssueCertificate(csr x509.CertificateRequest, regID int64) (core.Certificate, error)
IssueCertificate attempts to convert a CSR into a signed Certificate, while enforcing all policies. Names (domains) in the CertificateRequest will be lowercased before storage.