tls

package
v0.0.0-...-7f72c11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 29, 2017 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewTLSClientConfig

func NewTLSClientConfig(caPath string) (*tls.Config, error)

NewTLSClientConfig returns a TLS config for a client connection If caPath is empty, system CAs will be used

func NewTLSConfig

func NewTLSConfig(certPath, keyPath, caPath string) (*tls.Config, error)

NewTLSConfig returns a TLS config that includes a certificate Use for server TLS config or when using a client certificate If caPath is empty, system CAs will be used

func NewTLSConfigFromArgs

func NewTLSConfigFromArgs(args ...string) (*tls.Config, error)

NewTLSConfigFromArgs returns a TLS config based upon the passed in list of arguments. Typically these come straight from the Corefile. no args

  • creates a Config with no cert and using system CAs
  • use for a client that talks to a server with a public signed cert (CA installed in system)
  • the client will not be authenticated by the server since there is no cert

one arg: the path to CA PEM file

  • creates a Config with no cert using a specific CA
  • use for a client that talks to a server with a private signed cert (CA not installed in system)
  • the client will not be authenticated by the server since there is no cert

two args: path to cert PEM file, the path to private key PEM file

  • creates a Config with a cert, using system CAs to validate the other end
  • use for:
  • a server; or,
  • a client that talks to a server with a public cert and needs certificate-based authentication
  • the other end will authenticate this end via the provided cert
  • the cert of the other end will be verified via system CAs

three args: path to cert PEM file, path to client private key PEM file, path to CA PEM file

  • creates a Config with the cert, using specified CA to validate the other end
  • use for:
  • a server; or,
  • a client that talks to a server with a privately signed cert and needs certificate-based authentication
  • the other end will authenticate this end via the provided cert
  • this end will verify the other end's cert using the specified CA

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL