Documentation ¶
Overview ¶
Package tls contains utilities for generating certificates and authorities
Index ¶
- func CertExistsAndValid(CN string, SANs []string, name, dir string) (valid bool, warn []error, err error)
- func CertKeyPairExists(name, dir string) (bool, error)
- func CertValid(CN string, SANs []string, name, dir string) (valid bool, warn []error, err error)
- func NewCACert(csrFile string, commonName string, subject Subject) (key, cert []byte, err error)
- func NewCert(ca *CA, req csr.CertificateRequest) (key, cert []byte, err error)
- func ReadCACert(name, dir string) (key, cert []byte, err error)
- func WriteCert(key, cert []byte, name, dir string) error
- type CA
- type Subject
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CertExistsAndValid ¶ added in v1.2.0
func CertExistsAndValid(CN string, SANs []string, name, dir string) (valid bool, warn []error, err error)
CertExistsAndValid verifies that the cert exists and the CN and SANs match the expected values
func CertKeyPairExists ¶
CertKeyPairExists returns true if a key and matching certificate exist. Matching is defined as having the expected file names. No validation is performed on the actual bytes of the cert/key
func CertValid ¶ added in v1.2.0
CertValid returns true if a matching certificate exist Matching is defined as having the expected CN and SANs Warnings: a certificate with a wrong CN or that doesn't contain the expected SANs, Error: a file that exists but cannot be read or parsed as a valid certificate
func NewCACert ¶
NewCACert creates a new Certificate Authority and returns it's private key and public certificate.
func NewCert ¶
func NewCert(ca *CA, req csr.CertificateRequest) (key, cert []byte, err error)
NewCert creates a new certificate/key pair using the CertificateAuthority provided
func ReadCACert ¶
ReadCACert read CA file
Types ¶
type CA ¶
type CA struct { // Key is the CA's private key. Key []byte // Password is the CA's private key password. Can be empty if not password is set. Password string // Cert is the CA's public certificate. Cert []byte // ConfigFile contains a cfssl configuration file for the Certificate Authority ConfigFile string // Profile to be used when signing with this Certificate Authority Profile string }
CA contains information about the Certificate Authority