certificates

package module
v0.0.0-...-9fca24f Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 21, 2018 License: Apache-2.0 Imports: 22 Imported by: 25

README

go-certificates

Library for golang code related to creating certificates.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateCertificate

func CreateCertificate(options CreateCertificateOptions, ca *CA) (string, string, error)

CreateCertificate creates a certificate according to the given configuration. If ca is nil, the certificate will be self-signed, otherwise the certificate will be signed by the given CA certificate+key. The resulting certificate + private key will be PEM encoded and returned as string (cert, priv, error).

func CreateKeystore

func CreateKeystore(cert, key, caCert string, alias string, keystorePassword []byte) ([]byte, error)

CreateKeystore creates a java keystore containing the given certificate, private key & ca certificate(s).

func CreateTLSConfigFromAuthentication

func CreateTLSConfigFromAuthentication(a TLSAuthentication, insecureSkipVerify bool) (*tls.Config, error)

CreateTLSConfigFromAuthentication creates a tls.Config object from given configuration.

func EncodeToString

func EncodeToString(c tls.Certificate) (cert, key string)

EncodeToString encodes the given certification information into 2 strings. The first containing all certificates (PEM encoded), the second containing the private key (PEM encoded).

func ExtractCACertificateFromKeyFile

func ExtractCACertificateFromKeyFile(keyFile string) (string, error)

ExtractCACertificateFromKeyFile loads a SSL keyfile formatted for the arangod server and extracts the CA certificate(s) from it (if any).

func GetCertificateExpirationDate

func GetCertificateExpirationDate(config *tls.Config) (time.Time, bool)

GetCertificateExpirationDate returns the expiration date of the TLS certificate found in the given config. Returns: ExpirationDate, FoundExpirationDate

func LoadCertPool

func LoadCertPool(certificate string) (*x509.CertPool, error)

LoadCertPool creates a certificate pool from the certificate(s) given in the given PEM encoded string.

func LoadFromPEM

func LoadFromPEM(cert, key string) ([]*x509.Certificate, interface{}, error)

LoadFromPEM parses the given certificate & key into a certificate slice & private key.

func LoadKeyFile

func LoadKeyFile(keyFile string) (tls.Certificate, error)

LoadKeyFile loads a SSL keyfile formatted for the arangod server.

func SaveKeyFile

func SaveKeyFile(cert, key string, filename string) error

SaveKeyFile creates a keyfile with given certificate & key data

Types

type CA

type CA struct {
	Certificate []*x509.Certificate
	PrivateKey  interface{}
}

func LoadCAFromPEM

func LoadCAFromPEM(cert, key string) (CA, error)

LoadCAFromPEM parses the given certificate & key into a CA instance.

type CreateCertificateOptions

type CreateCertificateOptions struct {
	Subject        *pkix.Name    // If set, this name is used for the subject of the certificate and CommonName is ignored.
	CommonName     string        // Common name set in the certificate. If not specified, defaults to first email address, then first host and if all not set 'ArangoDB'.
	Hosts          []string      // Comma-separated hostnames and IPs to generate a certificate for
	EmailAddresses []string      // List of email address to include in the certificate as alternative name
	ValidFrom      time.Time     // Creation data of the certificate
	ValidFor       time.Duration // Duration that certificate is valid for
	IsCA           bool          // Whether this cert should be its own Certificate Authority
	IsClientAuth   bool          // Whether this cert can be used for client authentication
	RSABits        int           // Size of RSA key to generate. Ignored if ECDSACurve is set
	ECDSACurve     string        // ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521
}

type Keyfile

type Keyfile tls.Certificate

Keyfile contains 1 or more certificates and a private key.

func NewKeyfile

func NewKeyfile(content string) (Keyfile, error)

NewKeyfile creates a keyfile from given content.

func (Keyfile) EncodeCACertificates

func (kf Keyfile) EncodeCACertificates() (string, error)

EncodeCACertificates extracts the CA certificate(s) from the given keyfile (if any).

func (Keyfile) EncodeCertificates

func (kf Keyfile) EncodeCertificates() string

EncodeCertificates extracts all certificates from the given keyfile and encodes them as PEM blocks.

func (Keyfile) EncodePrivateKey

func (kf Keyfile) EncodePrivateKey() string

EncodePrivateKey extract the private key from the given keyfile and encodes is as PEM block.

func (Keyfile) Validate

func (kf Keyfile) Validate() error

Validate the contents of the keyfile

type TLSAuthentication

type TLSAuthentication interface {
	CACertificate() string
	ClientCertificate() string
	ClientKey() string
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL