tls

package
v1.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 30, 2017 License: Apache-2.0 Imports: 15 Imported by: 1

Documentation

Overview

Package tls contains utilities for generating certificates and authorities

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CertExistsAndValid added in v1.2.0

func CertExistsAndValid(CN string, SANs []string, name, dir string) (valid bool, warn []error, err error)

CertExistsAndValid verifies that the cert exists and the CN and SANs match the expected values

func CertKeyPairExists

func CertKeyPairExists(name, dir string) (bool, error)

CertKeyPairExists returns true if a key and matching certificate exist. Matching is defined as having the expected file names. No validation is performed on the actual bytes of the cert/key

func CertValid added in v1.2.0

func CertValid(CN string, SANs []string, name, dir string) (valid bool, warn []error, err error)

CertValid returns true if a matching certificate exist Matching is defined as having the expected CN and SANs Warnings: a certificate with a wrong CN or that doesn't contain the expected SANs, Error: a file that exists but cannot be read or parsed as a valid certificate

func NewCACert

func NewCACert(csrFile string, commonName string, subject Subject) (key, cert []byte, err error)

NewCACert creates a new Certificate Authority and returns it's private key and public certificate.

func NewCert

func NewCert(ca *CA, req csr.CertificateRequest) (key, cert []byte, err error)

NewCert creates a new certificate/key pair using the CertificateAuthority provided

func ReadCACert

func ReadCACert(name, dir string) (key, cert []byte, err error)

ReadCACert read CA file

func WriteCert

func WriteCert(key, cert []byte, name, dir string) error

WriteCert writes cert and key files

Types

type CA

type CA struct {
	// Key is the CA's private key.
	Key []byte
	// Password is the CA's private key password. Can be empty if not password is set.
	Password string
	// Cert is the CA's public certificate.
	Cert []byte
	// ConfigFile contains a cfssl configuration file for the Certificate Authority
	ConfigFile string
	// Profile to be used when signing with this Certificate Authority
	Profile string
}

CA contains information about the Certificate Authority

type Subject

type Subject struct {
	Country            string
	State              string
	Locality           string
	Organization       string
	OrganizationalUnit string
}

The Subject contains the fields of the X.509 Subject

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL