Documentation
¶
Index ¶
- Constants
- func CertToPem(cert *x509.Certificate) []byte
- func GenerateClientCertificate(rootCAKey *rsa.PrivateKey, rootCACert *x509.Certificate) ([]byte, []byte, error)
- func GenerateSelfSignedCertificate(cfg *CertCfg) (*rsa.PrivateKey, *x509.Certificate, error)
- func GenerateSignedCertificate(caKey *rsa.PrivateKey, caCert *x509.Certificate, cfg *CertCfg) (*rsa.PrivateKey, *x509.Certificate, error)
- func GetSelfSignedCA() (*rsa.PrivateKey, *x509.Certificate, error)
- func PrivateKey() (*rsa.PrivateKey, error)
- func PrivateKeyToPem(key *rsa.PrivateKey) []byte
- func SelfSignedCertificate(cfg *CertCfg, key *rsa.PrivateKey) (*x509.Certificate, error)
- func SignedCertificate(cfg *CertCfg, csr *x509.CertificateRequest, key *rsa.PrivateKey, ...) (*x509.Certificate, error)
- func VerifyCertificateAgainstRootCA(ca, certificate string) (bool, error)
- type CertCfg
Constants ¶
const ( // ValidityOneDay sets the validity of a cert to 24 hours. ValidityOneDay = time.Hour * 24 // ValidityOneYear sets the validity of a cert to 1 year. ValidityOneYear = ValidityOneDay * 365 // ValidityTenYears sets the validity of a cert to 10 years. ValidityTenYears = ValidityOneYear * 10 )
This file is taken from openshift/installer repo and adds more function https://github.com/openshift/installer/blob/master/pkg/asset/tls/tls.go Importing installer just for this file adds lots of different dependencies and also increase the binary size.
Variables ¶
This section is empty.
Functions ¶
func CertToPem ¶
func CertToPem(cert *x509.Certificate) []byte
CertToPem converts an x509.Certificate object to a pem string
func GenerateClientCertificate ¶
func GenerateClientCertificate(rootCAKey *rsa.PrivateKey, rootCACert *x509.Certificate) ([]byte, []byte, error)
func GenerateSelfSignedCertificate ¶
func GenerateSelfSignedCertificate(cfg *CertCfg) (*rsa.PrivateKey, *x509.Certificate, error)
GenerateSelfSignedCertificate generates a key/cert pair defined by CertCfg.
func GenerateSignedCertificate ¶
func GenerateSignedCertificate(caKey *rsa.PrivateKey, caCert *x509.Certificate, cfg *CertCfg) (*rsa.PrivateKey, *x509.Certificate, error)
GenerateSignedCertificate generate a key and cert defined by CertCfg and signed by CA.
func GetSelfSignedCA ¶
func GetSelfSignedCA() (*rsa.PrivateKey, *x509.Certificate, error)
func PrivateKey ¶
func PrivateKey() (*rsa.PrivateKey, error)
PrivateKey generates an RSA Private key and returns the value
func PrivateKeyToPem ¶
func PrivateKeyToPem(key *rsa.PrivateKey) []byte
PrivateKeyToPem converts an rsa.PrivateKey object to pem string
func SelfSignedCertificate ¶
func SelfSignedCertificate(cfg *CertCfg, key *rsa.PrivateKey) (*x509.Certificate, error)
SelfSignedCertificate creates a self signed certificate
func SignedCertificate ¶
func SignedCertificate( cfg *CertCfg, csr *x509.CertificateRequest, key *rsa.PrivateKey, caCert *x509.Certificate, caKey *rsa.PrivateKey, ) (*x509.Certificate, error)
SignedCertificate creates a new X.509 certificate based on a template.
func VerifyCertificateAgainstRootCA ¶
VerifyCertificateAgainstRootCA takes caPEM and certificatePEM as string to validate if given certificate is signed by given ca.
Source Files