Documentation ¶
Index ¶
- type CertificateAuthorityImpl
- func (ca *CertificateAuthorityImpl) GenerateOCSP(ctx context.Context, xferObj core.OCSPSigningRequest) ([]byte, error)
- func (ca *CertificateAuthorityImpl) IssueCertificate(ctx context.Context, issueReq *caPB.IssueCertificateRequest) (core.Certificate, error)
- func (ca *CertificateAuthorityImpl) IssueCertificateForPrecertificate(ctx context.Context, req *caPB.IssueCertificateForPrecertificateRequest) (core.Certificate, error)
- func (ca *CertificateAuthorityImpl) IssuePrecertificate(ctx context.Context, issueReq *caPB.IssueCertificateRequest) (*caPB.IssuePrecertificateResponse, error)
- type Issuer
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertificateAuthorityImpl ¶
type CertificateAuthorityImpl struct {
// contains filtered or unexported fields
}
CertificateAuthorityImpl represents a CA that signs certificates, CRLs, and OCSP responses.
func NewCertificateAuthorityImpl ¶
func NewCertificateAuthorityImpl( config ca_config.CAConfig, sa certificateStorage, pa core.PolicyAuthority, clk clock.Clock, stats metrics.Scope, issuers []Issuer, keyPolicy goodkey.KeyPolicy, logger blog.Logger, ) (*CertificateAuthorityImpl, error)
NewCertificateAuthorityImpl creates a CA instance that can sign certificates from a single issuer (the first first in the issuers slice), and can sign OCSP for any of the issuer certificates provided.
func (*CertificateAuthorityImpl) GenerateOCSP ¶
func (ca *CertificateAuthorityImpl) GenerateOCSP(ctx context.Context, xferObj core.OCSPSigningRequest) ([]byte, error)
GenerateOCSP produces a new OCSP response and returns it
func (*CertificateAuthorityImpl) IssueCertificate ¶
func (ca *CertificateAuthorityImpl) IssueCertificate(ctx context.Context, issueReq *caPB.IssueCertificateRequest) (core.Certificate, error)
IssueCertificate attempts to convert a CSR into a signed Certificate, while enforcing all policies. Names (domains) in the CertificateRequest will be lowercased before storage. Currently it will always sign with the defaultIssuer.
func (*CertificateAuthorityImpl) IssueCertificateForPrecertificate ¶
func (ca *CertificateAuthorityImpl) IssueCertificateForPrecertificate(ctx context.Context, req *caPB.IssueCertificateForPrecertificateRequest) (core.Certificate, error)
func (*CertificateAuthorityImpl) IssuePrecertificate ¶
func (ca *CertificateAuthorityImpl) IssuePrecertificate(ctx context.Context, issueReq *caPB.IssueCertificateRequest) (*caPB.IssuePrecertificateResponse, error)
Click to show internal directories.
Click to hide internal directories.