letsencrypt

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 9, 2021 License: MIT Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type LetsEncrypt

type LetsEncrypt struct {
	AcmeClient *acme.Client
	Account    *acme.Account
	Key        crypto.Signer
	Ctx        context.Context
	Cancel     context.CancelFunc
	HTTPPort   string
}

LetsEncrypt structure holds everything for generating certificates through the LetsEncrypt ACME provider

func New

func New(httpPort string, useStaging bool, p string) (*LetsEncrypt, error)

New creates a new LetsEncrypt instance and loads account info (if present)

func (*LetsEncrypt) Authorize

func (le *LetsEncrypt) Authorize(order *acme.Order) (*acme.Order, error)

Authorize will get an unauthorized order and tries to authorize it. This is done by asking LetsEncrypt to validate the order. This is done by letsencrypt calling our HTTP server on which we respond with a special file.

func (*LetsEncrypt) AuthorizeOrder

func (le *LetsEncrypt) AuthorizeOrder(domain string) (*acme.Order, error)

AuthorizeOrder will create a new (unvalidated) order for the given domain. It must first be validated through the Authorize method before we can call FinalizeOrder to fetch our certificate.

func (*LetsEncrypt) CheckRenewal

func (le *LetsEncrypt) CheckRenewal(cert *x509.Certificate, days int) bool

CheckRenewal will check if the renewal date of the given certificate is met. This is the expiry-date of the certificate minus a number of days (default 30).

func (*LetsEncrypt) FinalizeOrder

func (le *LetsEncrypt) FinalizeOrder(order *acme.Order, domain string, privCertKey crypto.Signer) (privKey string, certificate string, err error)

FinalizeOrder will ask LetsEncrypt for the actual certificate by issusing a certificate order. Note that this can only be done with a valid order. When privCertKey is nil, it will generate a new random RSA 2048 key. When we are renewing a certificate you might want to keep the same key (or not).

func (*LetsEncrypt) LoadCertificate

func (le *LetsEncrypt) LoadCertificate(p string) *x509.Certificate

LoadCertificate loads a certificate from the given path or returns nil when no certificate is found.

func (*LetsEncrypt) RegisterAccount

func (le *LetsEncrypt) RegisterAccount(email string) error

RegisterAccount will register a new account with LetsEncrypt based on the given email. It automatically generates a new private key which is used for communication. This key must be set in the AcmeClient in order to communicate with LetsEncrypt.

func (*LetsEncrypt) SaveAccount

func (le *LetsEncrypt) SaveAccount(dir string) error

SaveAccount will save the given ACME account and matching private Key into the Acme directory. This allows us to use the same account for requesting new certificates later on.

func (*LetsEncrypt) StartHTTPServer

func (le *LetsEncrypt) StartHTTPServer() *http.Server

StartHTTPServer will start the HTTP server in the background which is called by LetsEncrypt for validating orders.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL