Documentation ¶
Index ¶
- Constants
- func CertificatesToSecretData(certificates *certificate.Resource) map[string][]byte
- func DecodeCertificate(tlsCrt []byte) (*x509.Certificate, error)
- func DecodeCertificateFromSecretData(data map[string][]byte) (*x509.Certificate, error)
- func ExtractCommonNameAnDNSNames(csr []byte) (cn *string, san []string, err error)
- func SecretDataToCertificates(data map[string][]byte) *certificate.Resource
- type ConcurrentObtainError
- type DNSControllerSettings
- type ObtainInput
- type ObtainOutput
- type Obtainer
- type ObtainerCallback
- type PendingCertificateRequests
- type PendingResults
- type ProviderWithCount
- type RegistrationUser
- func NewRegistrationUserFromEmail(email string, caDirURL string, secretData map[string][]byte) (*RegistrationUser, error)
- func NewRegistrationUserFromEmailAndPrivateKey(email string, caDirURL string, privateKey crypto.PrivateKey) (*RegistrationUser, error)
- func RegistrationUserFromSecretData(email string, registrationRaw []byte, data map[string][]byte) (*RegistrationUser, error)
- func (u *RegistrationUser) GetEmail() string
- func (u *RegistrationUser) GetPrivateKey() crypto.PrivateKey
- func (u *RegistrationUser) GetRegistration() *registration.Resource
- func (u *RegistrationUser) NewConfig(caDirURL string) *lego.Config
- func (u *RegistrationUser) RawRegistration() ([]byte, error)
- func (u *RegistrationUser) ToSecretData() (map[string][]byte, error)
Constants ¶
// KeyPrivateKey names the entry of a secret data map that holds the private key.
// NOTE(review): the bytes stored under this key are private key material, so the
// map presumably belongs only in a Secret and should stay out of logs; confirm
// against the callers.
const KeyPrivateKey = "privateKey"
const (
	// TLSCAKey names the entry of a secret data map stored as "ca.crt".
	// The ".crt" suffix indicates a CA certificate rather than private key
	// material.
	TLSCAKey = "ca.crt"
)
TLSCAKey is the secret data key under which the CA certificate ("ca.crt") is stored.
Variables ¶
This section is empty.
Functions ¶
func CertificatesToSecretData ¶
func CertificatesToSecretData(certificates *certificate.Resource) map[string][]byte
CertificatesToSecretData converts a certificate resource to secret data.
func DecodeCertificate ¶
func DecodeCertificate(tlsCrt []byte) (*x509.Certificate, error)
DecodeCertificate decodes the crt byte array.
func DecodeCertificateFromSecretData ¶
func DecodeCertificateFromSecretData(data map[string][]byte) (*x509.Certificate, error)
DecodeCertificateFromSecretData decodes the certificate entry of the secret data into an x509 certificate.
func ExtractCommonNameAnDNSNames ¶
ExtractCommonNameAnDNSNames extracts the common name (cn) and the DNS names (san) from a CSR (Certificate Signing Request).
func SecretDataToCertificates ¶
func SecretDataToCertificates(data map[string][]byte) *certificate.Resource
SecretDataToCertificates converts secret data to a certificate resource.
Types ¶
type ConcurrentObtainError ¶ added in v0.2.10
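// ConcurrentObtainError is returned if Obtain should be postponed because a
// concurrent obtain request exists for at least one domain name.
type ConcurrentObtainError struct {
	// DomainName is the domain name that was requested concurrently.
	DomainName string
}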
ConcurrentObtainError is returned if Obtain should be postponed because of a concurrent obtain request for at least one domain name.
func (*ConcurrentObtainError) Error ¶ added in v0.2.10
func (d *ConcurrentObtainError) Error() string
type DNSControllerSettings ¶
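// DNSControllerSettings are the settings for the DNSController.
type DNSControllerSettings struct {
	// Namespace to set for challenge DNSEntry
	Namespace string
	// OwnerID to set for challenge DNSEntry
	// +optional
	OwnerID *string
	// PrecheckNameservers for checking DNS propagation of DNS challenge TXT record
	// NOTE(review): answers from these servers presumably gate when a challenge
	// is treated as propagated, so they should be resolvers the operator
	// trusts; confirm against the DNSController.
	PrecheckNameservers []string
	// AdditionalWait is the additional wait time after DNS propagation
	// to wait for "last mile" propagation to DNS server used by the ACME server
	AdditionalWait time.Duration
	// PropagationTimeout is the propagation timeout for the DNS challenge.
	PropagationTimeout time.Duration
}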
DNSControllerSettings are the settings for the DNSController.
type ObtainInput ¶
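// ObtainInput contains all data needed to obtain a certificate.
type ObtainInput struct {
	// User is the registration user.
	User *RegistrationUser
	// DNSCluster is the cluster to use for writing DNS entries for DNS challenges.
	DNSCluster resources.Cluster
	// DNSSettings are the settings for the DNSController.
	DNSSettings DNSControllerSettings
	// CaDirURL is the URL of the ACME CA directory.
	CaDirURL string
	// IssuerName is the name of the issuer to use.
	IssuerName string
	// CommonName is the CN.
	CommonName *string
	// DNSNames are optional domain names.
	DNSNames []string
	// CSR is the optional Certificate Signing Request.
	// NOTE(review): when a CSR is supplied, the requested names presumably come
	// from it (see ExtractCommonNameAnDNSNames) and should agree with
	// CommonName/DNSNames; confirm where that is validated.
	CSR []byte
	// RequestName is the request object name.
	RequestName resources.ObjectName
	// TargetClass is the target class of the DNSEntry.
	TargetClass string
	// Callback is the callback function to return the ObtainOutput.
	Callback ObtainerCallback
	// RenewCert is the certificate to renew.
	RenewCert *certificate.Resource
}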
ObtainInput contains all data needed to obtain a certificate.
type ObtainOutput ¶
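// ObtainOutput is the result of the certificate obtain request.
type ObtainOutput struct {
	// Certificates contains the certificates.
	// NOTE(review): if this is lego's certificate.Resource, it has a PrivateKey
	// field; when populated, this value should be kept out of logs and events.
	// Confirm against the producer.
	Certificates *certificate.Resource
	// IssuerName is the name of the issuer.
	IssuerName string
	// CommonName is the copy from the input.
	CommonName *string
	// DNSNames are the copies from the input.
	DNSNames []string
	// CSR is the copy from the input.
	CSR []byte
	// Renew is the flag if this was a renew request.
	Renew bool
	// Err contains the obtain request error.
	// NOTE(review): Certificates is presumably only meaningful when Err is nil;
	// confirm.
	Err error
}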
ObtainOutput is the result of the certificate obtain request.
type Obtainer ¶ added in v0.2.10
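// Obtainer provides an Obtain method to start a certificate request.
type Obtainer interface {
	// Obtain starts the async obtain request.
	// NOTE(review): the returned error presumably reports only a failure to
	// start the request; the outcome is delivered to input.Callback as an
	// ObtainOutput. Confirm against the implementation.
	Obtain(input ObtainInput) error
}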
Obtainer provides an Obtain method to start a certificate request.
type ObtainerCallback ¶
type ObtainerCallback func(output *ObtainOutput)
ObtainerCallback is the callback function type that receives the ObtainOutput.
type PendingCertificateRequests ¶
type PendingCertificateRequests struct {
// contains filtered or unexported fields
}
PendingCertificateRequests contains the pending certificate requests.
func NewPendingRequests ¶
func NewPendingRequests() *PendingCertificateRequests
NewPendingRequests creates a new PendingCertificateRequests
func (*PendingCertificateRequests) Add ¶
func (pr *PendingCertificateRequests) Add(name resources.ObjectName)
Add adds a certificate object name.
func (*PendingCertificateRequests) Contains ¶
func (pr *PendingCertificateRequests) Contains(name resources.ObjectName) bool
Contains checks if a certificate object name is pending.
func (*PendingCertificateRequests) Remove ¶
func (pr *PendingCertificateRequests) Remove(name resources.ObjectName)
Remove removes a certificate object name from the pending list.
type PendingResults ¶
type PendingResults struct {
// contains filtered or unexported fields
}
PendingResults caches the ObtainOutput results.
func NewPendingResults ¶
func NewPendingResults() *PendingResults
NewPendingResults creates a new PendingResults.
func (*PendingResults) Add ¶
func (pr *PendingResults) Add(name resources.ObjectName, result *ObtainOutput)
Add adds an object name / ObtainOutput pair.
func (*PendingResults) Peek ¶ added in v0.2.16
func (pr *PendingResults) Peek(name resources.ObjectName) *ObtainOutput
Peek fetches a pending result by object name.
func (*PendingResults) Remove ¶
func (pr *PendingResults) Remove(name resources.ObjectName)
Remove removes a pending result by object name.
type ProviderWithCount ¶
ProviderWithCount is an extended Provider interface.
type RegistrationUser ¶
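// RegistrationUser contains the data of a registration user.
//
// The private key returned by GetPrivateKey is not among the exported fields
// listed here.
type RegistrationUser struct {
	// Email is the e-mail address of the registration user (presumably the
	// value GetEmail returns; confirm).
	Email string
	// Registration is the registration resource (presumably the value
	// GetRegistration returns; confirm).
	Registration *registration.Resource
	// contains filtered or unexported fields
}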
RegistrationUser contains the data of a registration user.
func NewRegistrationUserFromEmail ¶
func NewRegistrationUserFromEmail(email string, caDirURL string, secretData map[string][]byte) (*RegistrationUser, error)
NewRegistrationUserFromEmail generates a private key and requests a new registration for the user.
func NewRegistrationUserFromEmailAndPrivateKey ¶
func NewRegistrationUserFromEmailAndPrivateKey(email string, caDirURL string, privateKey crypto.PrivateKey) (*RegistrationUser, error)
NewRegistrationUserFromEmailAndPrivateKey requests a user registration.
func RegistrationUserFromSecretData ¶
func RegistrationUserFromSecretData(email string, registrationRaw []byte, data map[string][]byte) (*RegistrationUser, error)
RegistrationUserFromSecretData restores a RegistrationUser from a secret data map.
func (*RegistrationUser) GetEmail ¶
func (u *RegistrationUser) GetEmail() string
GetEmail returns the email of the registration user.
func (*RegistrationUser) GetPrivateKey ¶
func (u *RegistrationUser) GetPrivateKey() crypto.PrivateKey
GetPrivateKey returns the private key of the registration user.
func (*RegistrationUser) GetRegistration ¶
func (u *RegistrationUser) GetRegistration() *registration.Resource
GetRegistration returns the registration resource.
func (*RegistrationUser) NewConfig ¶
func (u *RegistrationUser) NewConfig(caDirURL string) *lego.Config
NewConfig creates a new lego config.
func (*RegistrationUser) RawRegistration ¶
func (u *RegistrationUser) RawRegistration() ([]byte, error)
RawRegistration returns the registration as a byte array.
func (*RegistrationUser) ToSecretData ¶
func (u *RegistrationUser) ToSecretData() (map[string][]byte, error)
ToSecretData returns the registration user as a secret data map.