tresor

package
v1.1.4-alpha.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 1, 2023 License: Apache-2.0 Imports: 13 Imported by: 0

README

Tresor Certificate Provider

The Tresor package is a minimal certificate issuance facility, which leverages Go's crypto libraries to generate a CA, and issue certificates for Envoy-to-xDS communication as well as Envoy-to-Envoy (east-west) between services.

Documentation

Overview

Package tresor implements the certificate.Manager interface for Tresor, a custom certificate provider in FSM.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewCA

func NewCA(cn certificate.CommonName, validityPeriod time.Duration, rootCertCountry, rootCertLocality, rootCertOrganization string) (*certificate.Certificate, error)

NewCA creates a new Certificate Authority.

Types

type CertManager

type CertManager struct {
	// contains filtered or unexported fields
}

CertManager implements certificate.Manager

func New

func New(
	ca *certificate.Certificate,
	certificatesOrganization string,
	keySize int) (*CertManager, error)

New constructs a new certificate client using a certificate

func (*CertManager) IssueCertificate

func (cm *CertManager) IssueCertificate(cn certificate.CommonName, saNames []string, validityPeriod time.Duration) (*certificate.Certificate, error)

IssueCertificate requests a new signed certificate from the configured cert-manager issuer.

Directories

Path Synopsis
Package fake moves fakes to their own sub-package
Package fake moves fakes to their own sub-package

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL