certificates

package module
v0.0.0-...-9fca24f Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 21, 2018 License: Apache-2.0 Imports: 22 Imported by: 27

README

go-certificates

Library for golang code related to creating certificates.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateCertificate 

func CreateCertificate(options CreateCertificateOptions, ca *CA) (string, string, error)

CreateCertificate creates a certificate according to the given configuration. If ca is nil, the certificate will be self-signed, otherwise the certificate will be signed by the given CA certificate+key. The resulting certificate + private key will be PEM encoded and returned as string (cert, priv, error).

func CreateKeystore 

func CreateKeystore(cert, key, caCert string, alias string, keystorePassword []byte) ([]byte, error)

CreateKeystore creates a java keystore containing the given certificate, private key & ca certificate(s).

func CreateTLSConfigFromAuthentication 

func CreateTLSConfigFromAuthentication(a TLSAuthentication, insecureSkipVerify bool) (*tls.Config, error)

CreateTLSConfigFromAuthentication creates a tls.Config object from given configuration.

func EncodeToString 

func EncodeToString(c tls.Certificate) (cert, key string)

EncodeToString encodes the given certification information into 2 strings. The first containing all certificates (PEM encoded), the second containing the private key (PEM encoded).

func ExtractCACertificateFromKeyFile 

func ExtractCACertificateFromKeyFile(keyFile string) (string, error)

ExtractCACertificateFromKeyFile loads a SSL keyfile formatted for the arangod server and extracts the CA certificate(s) from it (if any).

func GetCertificateExpirationDate 

func GetCertificateExpirationDate(config *tls.Config) (time.Time, bool)

GetCertificateExpirationDate returns the expiration date of the TLS certificate found in the given config. Returns: ExpirationDate, FoundExpirationDate

func LoadCertPool 

func LoadCertPool(certificate string) (*x509.CertPool, error)

LoadCertPool creates a certificate pool from the certificate(s) given in the given PEM encoded string.

func LoadFromPEM 

func LoadFromPEM(cert, key string) ([]*x509.Certificate, interface{}, error)

LoadFromPEM parses the given certificate & key into a certificate slice & private key.

func LoadKeyFile 

func LoadKeyFile(keyFile string) (tls.Certificate, error)

LoadKeyFile loads a SSL keyfile formatted for the arangod server.

func SaveKeyFile 

func SaveKeyFile(cert, key string, filename string) error

SaveKeyFile creates a keyfile with given certificate & key data

Types

type CA 

type CA struct {
	Certificate []*x509.Certificate
	PrivateKey  interface{}
}

func LoadCAFromPEM 

func LoadCAFromPEM(cert, key string) (CA, error)

LoadCAFromPEM parses the given certificate & key into a CA instance.

type CreateCertificateOptions 

type CreateCertificateOptions struct {
	Subject        *pkix.Name    // If set, this name is used for the subject of the certificate and CommonName is ignored.
	CommonName     string        // Common name set in the certificate. If not specified, defaults to first email address, then first host and if all not set 'ArangoDB'.
	Hosts          []string      // Comma-separated hostnames and IPs to generate a certificate for
	EmailAddresses []string      // List of email address to include in the certificate as alternative name
	ValidFrom      time.Time     // Creation data of the certificate
	ValidFor       time.Duration // Duration that certificate is valid for
	IsCA           bool          // Whether this cert should be its own Certificate Authority
	IsClientAuth   bool          // Whether this cert can be used for client authentication
	RSABits        int           // Size of RSA key to generate. Ignored if ECDSACurve is set
	ECDSACurve     string        // ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521
}

type Keyfile 

type Keyfile tls.Certificate

Keyfile contains 1 or more certificates and a private key.

func NewKeyfile 

func NewKeyfile(content string) (Keyfile, error)

NewKeyfile creates a keyfile from given content.

func (Keyfile) EncodeCACertificates 

func (kf Keyfile) EncodeCACertificates() (string, error)

EncodeCACertificates extracts the CA certificate(s) from the given keyfile (if any).

func (Keyfile) EncodeCertificates 

func (kf Keyfile) EncodeCertificates() string

EncodeCertificates extracts all certificates from the given keyfile and encodes them as PEM blocks.

func (Keyfile) EncodePrivateKey 

func (kf Keyfile) EncodePrivateKey() string

EncodePrivateKey extract the private key from the given keyfile and encodes is as PEM block.

func (Keyfile) Validate 

func (kf Keyfile) Validate() error

Validate the contents of the keyfile

type TLSAuthentication 

type TLSAuthentication interface {
	CACertificate() string
	ClientCertificate() string
	ClientKey() string
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.