Documentation
¶
Index ¶
- func CreateCertPool(rootCa string) (*x509.CertPool, error)
- func DefaultTLSConfig() *tls.Config
- func IssueCertificates(cacheDir, email string, challengeType ChallengeType, domains []string, ...) (*tls.Config, error)
- func Port(address string) int
- type AcmeConfig
- type ChallengeType
- type ClientAuthType
- type Config
- type H2CConfig
- type HTTP
- type HTTPS
- type SSLConfig
- type Server
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DefaultTLSConfig ¶
func IssueCertificates ¶
Types ¶
type AcmeConfig ¶
// AcmeConfig holds the settings used to obtain certificates over ACME.
// The field comments refer to "LE", presumably Let's Encrypt (not spelled out
// on this page).
type AcmeConfig struct {
	// CacheDir is the directory where issued certificates are saved; the
	// documented default is "le_certs".
	// NOTE(review): presumably the certificate private keys (and possibly the
	// ACME account key) are stored here too. Confirm, and keep the directory
	// readable only by the server's own user.
	CacheDir string `json:"cache_dir" yaml:"cache_dir"`
	// Email is the user email; it is mandatory.
	Email string `json:"email" yaml:"email"`
	// ChallengeType selects the ACME challenge. Supported values: http-01,
	// tlsalpn-01 (the HTTP01 and TLSAlpn01 constants).
	ChallengeType ChallengeType `json:"challenge_type" yaml:"challenge_type"`
	// AltHTTPPort is the alternate port to use for the ACME HTTP challenge.
	// NOTE(review): per the ACME spec the CA validates http-01 on port 80, so
	// an alternate port presumably relies on port 80 being forwarded to it.
	// Confirm for the deployment.
	AltHTTPPort int `json:"alt_http_port" yaml:"alt_http_port"`
	// AltTLSALPNPort is the alternate port to use for the ACME TLS-ALPN
	// challenge.
	// NOTE(review): the CA validates tls-alpn-01 on port 443, so the same
	// forwarding assumption applies. Confirm.
	AltTLSALPNPort int `json:"alt_tlsalpn_port" yaml:"alt_tlsalpn_port"`
	// UseProductionEndpoint chooses between the LE production endpoint and
	// the staging endpoint.
	// NOTE(review): presumably false selects staging, whose certificates are
	// not trusted by ordinary clients. Verify this is true in production
	// configs.
	UseProductionEndpoint bool `json:"use_production_endpoint" yaml:"use_production_endpoint"`
	// Domains lists the domains to obtain certificates for.
	Domains []string `json:"domains" yaml:"domains"`
}
func (*AcmeConfig) InitDefaults ¶
func (cfg *AcmeConfig) InitDefaults() error
type ChallengeType ¶
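// ChallengeType names the ACME challenge used to prove control of a domain;
// it is the type of AcmeConfig.ChallengeType (config key "challenge_type").
type ChallengeType string

// Supported challenge types. The string values are the ones accepted in the
// configuration file.
const (
	// HTTP01 selects the ACME http-01 challenge.
	HTTP01 ChallengeType = "http-01"
	// TLSAlpn01 selects the ACME tls-alpn-01 challenge.
	TLSAlpn01 ChallengeType = "tlsalpn-01"
)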
type ClientAuthType ¶
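// ClientAuthType names the client-certificate (mTLS) policy; it is the type
// of SSLConfig.AuthType (config key "auth_type").
type ClientAuthType string

// Supported client-auth policies. The constant names mirror
// crypto/tls.ClientAuthType; how each string is mapped onto the TLS stack is
// not shown on this page, so the per-value notes describe the crypto/tls mode
// of the same name and should be confirmed against the implementation.
// In crypto/tls terms only RequireAndVerifyClientCert both demands a client
// certificate and validates it against the configured client CAs.
const (
	// NoClientCert: no client certificate is requested.
	NoClientCert ClientAuthType = "no_client_cert"
	// RequestClientCert: a certificate is requested but not required, and is
	// not verified.
	RequestClientCert ClientAuthType = "request_client_cert"
	// RequireAnyClientCert: a certificate is required but NOT verified, so it
	// does not authenticate the client on its own.
	RequireAnyClientCert ClientAuthType = "require_any_client_cert"
	// VerifyClientCertIfGiven: a certificate is optional; if one is sent it
	// must verify. Clients without a certificate are still admitted.
	VerifyClientCertIfGiven ClientAuthType = "verify_client_cert_if_given"
	// RequireAndVerifyClientCert: a certificate is required and must verify.
	RequireAndVerifyClientCert ClientAuthType = "require_and_verify_client_cert"
)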
type Config ¶
// Config is the top-level HTTP server configuration: the plain-HTTP listen
// address plus the optional redirect, HTTP/2 and HTTPS settings.
type Config struct {
	// Address is the host and port to handle as http server.
	Address string `json:"address,omitempty" yaml:"address,omitempty"`
	// Redirect, when enabled, forces all http connections to switch to https.
	// NOTE(review): a redirect only takes effect after the first plain-HTTP
	// request has been sent; whether HSTS is also emitted is not shown here.
	Redirect bool `json:"redirect,omitempty" yaml:"redirect,omitempty"`
	// H2C defines http/2 server options.
	// NOTE(review): "h2c" normally denotes HTTP/2 over cleartext (no TLS).
	// Confirm where this listener is exposed.
	H2C H2CConfig `json:"h2c,omitempty" yaml:"h2c,omitempty"`
	// SSL defines https server options. It is a pointer; presumably nil means
	// HTTPS is not configured. Verify against InitDefaults.
	SSL *SSLConfig `json:"ssl,omitempty" yaml:"ssl,omitempty"`
}
func (*Config) InitDefaults ¶
type H2CConfig ¶
// H2CConfig holds the HTTP/2 server options referenced by Config.H2C.
type H2CConfig struct {
	// MaxConcurrentStreams defaults to 128.
	// NOTE(review): presumably this caps concurrent HTTP/2 streams per
	// connection, which bounds per-client resource use. Confirm before
	// raising it.
	MaxConcurrentStreams uint `json:"max_concurrent_streams,omitempty" yaml:"max_concurrent_streams,omitempty"`
}
func (*H2CConfig) InitDefaults ¶
func (cfg *H2CConfig) InitDefaults()
type SSLConfig ¶
// SSLConfig holds the HTTPS server options: the listen address, the
// certificate source (ACME, or a Key/Cert pair) and the client-certificate
// (mTLS) settings.
type SSLConfig struct {
	// Address to listen as HTTPS server, defaults to 0.0.0.0:443
	// (all IPv4 interfaces).
	Address string `json:"address,omitempty" yaml:"address,omitempty"`
	// Acme is the ACME configuration (see AcmeConfig). It is a pointer;
	// presumably nil means ACME is not used. Confirm against EnableACME.
	Acme *AcmeConfig `json:"acme,omitempty" yaml:"acme,omitempty"`
	// Key is the private server key.
	// NOTE(review): presumably a path to the key file rather than inline PEM.
	// Confirm, and keep the file readable only by the server's user.
	Key string `json:"key,omitempty" yaml:"key,omitempty"`
	// Cert is the https certificate.
	Cert string `json:"cert,omitempty" yaml:"cert,omitempty"`
	// RootCA is the root CA file.
	// NOTE(review): presumably loaded via CreateCertPool and used to verify
	// client certificates when AuthType asks for verification. Confirm.
	RootCA string `json:"root_ca,omitempty" yaml:"root_ca,omitempty"`
	// AuthType is the mTLS client-auth policy; see the ClientAuthType
	// constants for the accepted values.
	// NOTE(review): the value names mirror crypto/tls, where only
	// "require_and_verify_client_cert" both requires and verifies a client
	// certificate. The default applied when this is empty is not shown here.
	AuthType ClientAuthType `json:"auth_type,omitempty" yaml:"auth_type,omitempty"`
}
func (*SSLConfig) EnableACME ¶
func (*SSLConfig) InitDefaults ¶