Documentation
Index
- func EncodeCertPEM(ct *x509.Certificate) []byte
- func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
- func NewPrivateKey() (*rsa.PrivateKey, error)
- func NewSignedCert(cfg cert.Config, key crypto.Signer, caCert *x509.Certificate, ...) (*x509.Certificate, error)
- func ValidCACert(key, cert, caCert []byte, dnsName string, time time.Time) bool
- type Artifacts
- type CertGenerator
- type SelfSignedCertGenerator
Constants
This section is empty.
Variables
This section is empty.
Functions
func EncodeCertPEM
func EncodeCertPEM(ct *x509.Certificate) []byte
EncodeCertPEM returns PEM-encoded certificate data.
func EncodePrivateKeyPEM
func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
EncodePrivateKeyPEM returns PEM-encoded private key data.
func NewPrivateKey
func NewPrivateKey() (*rsa.PrivateKey, error)
NewPrivateKey creates an RSA private key.
func NewSignedCert
func NewSignedCert(cfg cert.Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)
NewSignedCert creates a signed certificate using the given CA certificate and key.
Types
type Artifacts
type Artifacts struct {
	// PEM encoded private key
	Key []byte
	// PEM encoded serving certificate
	Cert []byte
	// PEM encoded CA private key
	CAKey []byte
	// PEM encoded CA certificate
	CACert []byte
	// Resource version of the certs
	ResourceVersion string
}
Artifacts hosts a private key, its corresponding serving certificate and the CA certificate that signs the serving certificate.
type CertGenerator
type CertGenerator interface {
	// Generate returns an Artifacts struct.
	Generate(CommonName string) (*Artifacts, error)
	// SetCA sets the PEM-encoded CA private key and CA cert for signing the generated serving cert.
	SetCA(caKey, caCert []byte)
}
CertGenerator is an interface to provision the serving certificate.
type SelfSignedCertGenerator
type SelfSignedCertGenerator struct {
// contains filtered or unexported fields
}
func (*SelfSignedCertGenerator) Generate
func (cp *SelfSignedCertGenerator) Generate(commonName string) (*Artifacts, error)
Generate creates and returns a CA certificate, a certificate and a key for the server or client. Key and Cert are used by the server or client to establish trust for others; the CA certificate is used by the client or server to verify the other's authentication chain. The cert will be valid for 365 days.
func (*SelfSignedCertGenerator) SetCA
func (cp *SelfSignedCertGenerator) SetCA(caKey, caCert []byte)
SetCA sets the PEM-encoded CA private key and CA cert for signing the generated serving cert.
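The flow that Generate describes (a CA, a serving certificate signed by it, 365 days of validity, and the chain check a peer performs with the CA certificate), as an added example built only on the Go standard library; it is not this package's code. The helper names issue and chainsTo and the names example-ca and webhook.example.svc are assumptions made for the illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue makes an RSA key and a 365-day cert for cn, signed by caKey under parent; a nil parent yields a self-signed CA.
func issue(cn string, parent *x509.Certificate, caKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	t := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), // demo only; use random serials in production
		Subject:      pkix.Name{CommonName: cn},
		DNSNames:     []string{cn}, // peers match the host name against SANs, not the CN
		NotBefore:    time.Now(),
		NotAfter:     time.Now().Add(365 * 24 * time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if parent == nil { // no issuer given: self-sign as a CA
		parent, caKey = t, key
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, caKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// chainsTo reports whether leaf verifies under ca for dnsName at time at.
func chainsTo(leaf, ca *x509.Certificate, dnsName string, at time.Time) bool {
	pool := x509.NewCertPool()
	pool.AddCert(ca)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, DNSName: dnsName, CurrentTime: at})
	return err == nil
}

func main() {
	ca, caKey, err := issue("example-ca", nil, nil)
	leaf, _, err2 := issue("webhook.example.svc", ca, caKey)
	println(err == nil && err2 == nil && chainsTo(leaf, ca, "webhook.example.svc", time.Now())) // true
}
```

Calling chainsTo with a time more than 365 days ahead, a different DNS name, or a different CA returns false, which is the failure a peer sees once the serving certificate expires or the CA is rotated without redistributing it.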