Documentation
Overview
Package cert provides facilities for automatically updating in-memory TLS certificates whenever the corresponding files change on disk. It will generate an in-memory self-signed certificate if none is found on disk.
It is used as follows:
    certificate := cert.New("cert.pem", "key.pem")
    s := http.Server{
        Addr: ":8443",
        TLSConfig: &tls.Config{
            GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
                return certificate.Get()
            },
        },
    }
    err := s.ListenAndServeTLS("", "")
Types
type Certificate
type Certificate struct {
// contains filtered or unexported fields
}
Type Certificate represents a TLS certificate loaded from on-disk files whose value will change transparently to the application when the on-disk files are modified.
func New
func New(certFile, keyFile string) *Certificate
New creates a new dynamic certificate. The parameters keyFile and certFile are like those of tls.LoadX509KeyPair.
func (*Certificate) Get
func (cert *Certificate) Get() (*tls.Certificate, error)
Get returns the tls.Certificate corresponding to cert. If both the key file and the cert file indicated by cert exist and are readable, Get returns a certificate built from these files. If neither exists, it returns an autogenerated self-signed certificate. In other situations, it returns an error. Get caches its results, and is therefore fast enough to be called on each HTTPS request.
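Because Get falls back to an autogenerated self-signed certificate when neither file exists, a deployment that must never serve that fallback can inspect the returned leaf before handing it to the TLS stack. The following is an added example, not part of the package: RefuseSelfSigned, ErrSelfSigned and sampleCert are hypothetical names, sampleCert builds constructed certificates that stand in for Get, and failing the handshake is an assumed policy.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

var ErrSelfSigned = errors.New("self-signed certificate refused")

// RefuseSelfSigned (hypothetical helper) takes the results of a call shaped like (*Certificate).Get.
// A leaf is refused only if issuer equals subject AND its signature verifies under its own key.
func RefuseSelfSigned(c *tls.Certificate, err error) (*tls.Certificate, error) {
	if err != nil || c == nil || len(c.Certificate) == 0 {
		return nil, errors.Join(errors.New("no certificate to serve"), err)
	}
	leaf, err := x509.ParseCertificate(c.Certificate[0])
	if err != nil {
		return nil, err
	}
	sigErr := leaf.CheckSignature(leaf.SignatureAlgorithm, leaf.RawTBSCertificate, leaf.Signature)
	if string(leaf.RawIssuer) == string(leaf.RawSubject) && sigErr == nil {
		return nil, ErrSelfSigned
	}
	return c, nil
}

// sampleCert stands in for Get: a constructed leaf issued under issuerCN, signed by its own or another key.
func sampleCert(issuerCN string, ownKey bool) (*tls.Certificate, error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	signer := priv
	if !ownKey {
		_, signer, _ = ed25519.GenerateKey(rand.Reader)
	}
	leaf := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "leaf.example"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	issuer := &x509.Certificate{Subject: pkix.Name{CommonName: issuerCN}}
	der, err := x509.CreateCertificate(rand.Reader, leaf, issuer, pub, signer)
	return &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv}, err
}

func main() {
	fmt.Println(RefuseSelfSigned(sampleCert("leaf.example", true)))
}
```

In the server shown in the overview, the GetCertificate callback would then return RefuseSelfSigned(certificate.Get()) instead of certificate.Get().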