mutualtlsconfig

v0.1.0

This package is not in the latest version of its module.
Published: Mar 20, 2020 License: MIT Imports: 17 Imported by: 0

README

mutualtlsconfig

Package mutualtlsconfig provides helpers to configure Mutual TLS Authentication between a Client and Server.

usage and examples

See pkg.go.dev/github.com/jtwatson/mutualtlsconfig for usage.

Documentation

Types

type CertType added in v0.1.0

type CertType x509.ExtKeyUsage
const (
	// ServerCertType indicates the Certificate has x509.ExtKeyUsageServerAuth set
	ServerCertType CertType = CertType(x509.ExtKeyUsageServerAuth)

	// ClientCertType indicates the Certificate has x509.ExtKeyUsageClientAuth set
	ClientCertType CertType = CertType(x509.ExtKeyUsageClientAuth)
)

type CertificateInformation added in v0.1.0

type CertificateInformation struct {
	Begin        time.Time
	CommonName   string
	Days         int
	DNSNames     []string
	IPAddresses  []net.IP
	Organization string
	Type         CertType
}

CertificateInformation holds required information for generating a Self Signed Certificate

func (*CertificateInformation) Generate added in v0.1.0

func (c *CertificateInformation) Generate() (cert, key []byte, err error)

type TLSConfigurator

type TLSConfigurator struct {
	// contains filtered or unexported fields
}

TLSConfigurator is a utility to simplify setting up a Client/Server using TLS Mutual authentication. The tls.Config values returned will validate certificates for both the Client and Server.

func New added in v0.1.0

func New(cert, key []byte, caCerts ...[]byte) (*TLSConfigurator, error)

New returns a TLSConfigurator

func NewFromFS added in v0.1.0

func NewFromFS(fs http.FileSystem, cert, key string, caCerts ...string) (*TLSConfigurator, error)

NewFromFS loads from fs and returns a TLSConfigurator.

func NewFromFile added in v0.1.0

func NewFromFile(cert, key string, caCerts ...string) (*TLSConfigurator, error)

NewFromFile loads from files and returns a TLSConfigurator.

func (*TLSConfigurator) HTTPSClient

func (c *TLSConfigurator) HTTPSClient() *http.Client

HTTPSClient returns an http.Client with its Transport configured for TLS.

func (*TLSConfigurator) TLSClientConfig

func (c *TLSConfigurator) TLSClientConfig() *tls.Config

TLSClientConfig returns a tls.Config which will fully validate the server certificate using the provided CaCerts.

func (*TLSConfigurator) TLSListener

func (c *TLSConfigurator) TLSListener(ln net.Listener) net.Listener

TLSListener wraps the TLSServerConfig around the net.Listener.

func (*TLSConfigurator) TLSServerConfig

func (c *TLSConfigurator) TLSServerConfig() *tls.Config

TLSServerConfig returns a tls.Config which will require and fully validate a client certificate using the provided CaCerts with option tls.RequireAndVerifyClientCert. The client certificate must have x509.ExtKeyUsageClientAuth set.

Directories

Path Synopsis
cmd
