Documentation
Index ¶
- Constants
- Variables
- func CreateSelfSignedCertificate(validDays int, organization []string) (pubKeyPEM, privKeyPEM []byte, err error)
- func NewDNSSolver(credential *config.DNSCredential) (*dnsSolver, error)
- type ACMEManager
- type CertFunc
- type HTTPAndTLSALPNSolver
- type ManagedCertManager
- type Mux
- type OCSPManager
- type SelfSignedManager
- type Server
- type Storage
- type StorageManager
- type V1API
Constants ¶
// Numeric codes exported by the package.
// NOTE(review): the names suggest API status codes (bad request, no content,
// internal error); which endpoint returns them is not shown here — confirm.
const (
	CodeBadRequest    = 1000
	CodeNoContent     = 1001
	CodeInternalError = 1002
)
// String identifiers for the two Storage backends the package names.
// NOTE(review): presumably matched against a storage-type setting in config
// and served by NewDirCache and NewRedisCache respectively — confirm.
// NOTE(review): StorageManager is built on top of a Storage and its methods
// accept private-key bytes, so the selected backend is likely to hold key
// material. Whether it is encrypted before being written is not visible here;
// verify directory permissions for dir_cache and authentication/TLS for redis.
const (
	StorageTypeDirCache = "dir_cache"
	StorageTypeRedis    = "redis"
)
// SelfSignedCertKey is the fixed string "self_signed".
// NOTE(review): presumably the storage key under which the self-signed
// certificate is saved and loaded — confirm against SelfSignedManager.
const SelfSignedCertKey = "self_signed"
Variables ¶
// Sentinel errors exported by the package. Each is created with errors.New,
// so callers should match them with errors.Is rather than by message text.
var (
	// NOTE(review): presumably returned when a requested domain fails
	// syntactic validation — confirm where the check happens.
	ErrInvalidDomainName = errors.New("invalid domain name")
	// NOTE(review): presumably returned when a host is rejected by a permit
	// list. For on-demand issuance, confirm this check runs before any
	// certificate order is placed, so that unknown names cannot trigger issuance.
	ErrHostNotPermitted         = errors.New("host name not permitted")
	ErrUnknownCertificateType   = errors.New("unknown certificate type")
	ErrCertificateIsExpired     = errors.New("certificate is expired")
	ErrGetCertificate           = errors.New("cannot get certificate")
	ErrMarshalCertificate       = errors.New("cannot marshal certificate")
	ErrOCSPStaplingNotCached    = errors.New("OCSP stapling not cached")
	ErrOCSPStaplingNotSupported = errors.New("OCSP stapling not supported")
)
// ErrCacheMiss is a sentinel error with the message "cache miss".
// NOTE(review): presumably returned by Storage.Get when the key is absent —
// confirm; callers should match it with errors.Is.
var ErrCacheMiss = errors.New("cache miss")
Functions ¶
func NewDNSSolver ¶ added in v0.6.0
// NewDNSSolver builds a solver from a DNS credential and may fail with an error.
// NOTE(review): the exported constructor returns the unexported *dnsSolver
// type, so code outside the package cannot name the result's type.
// NOTE(review): credential presumably carries DNS-provider API secrets —
// confirm it is never logged or included in returned errors.
func NewDNSSolver(credential *config.DNSCredential) (*dnsSolver, error)
Types ¶
type ACMEManager ¶ added in v0.6.0
// ACMEManager looks up a *tls.Certificate either by name or by domain.
type ACMEManager interface {
	// GetNamedCertificate returns the certificate identified by name.
	// NOTE(review): createIfNotCached presumably allows issuing a new
	// certificate when none is cached — confirm.
	GetNamedCertificate(ctx context.Context, name string, createIfNotCached bool) (*tls.Certificate, error)
	// GetOnDemandCertificate returns the certificate for domain.
	// NOTE(review): if domain can originate from a client (e.g. a requested
	// host name), implementations should validate it and check it against the
	// permitted hosts before issuing when createIfNotCached is true — confirm.
	GetOnDemandCertificate(ctx context.Context, domain string, createIfNotCached bool) (*tls.Certificate, error)
}
func NewACMEManager ¶ added in v0.6.0
func NewACMEManager( cfg *config.Config, storMgr StorageManager, ocsp OCSPManager, httpSolver HTTPAndTLSALPNSolver, ) ACMEManager
type CertFunc ¶ added in v0.6.0
// CertFunc is an alias for a function that returns a certificate or an error.
// OCSPManager methods accept it as a callback for obtaining a certificate.
type CertFunc = func() (*tls.Certificate, error)
type HTTPAndTLSALPNSolver ¶ added in v0.6.0
// HTTPAndTLSALPNSolver extends acmez.Solver with an HTTP handler for ACME
// challenges and a lookup for ALPN challenge certificates.
type HTTPAndTLSALPNSolver interface {
	acmez.Solver
	// HandleACMEChallenge has the signature of an http handler function.
	// NOTE(review): presumably serves HTTP-01 challenge responses — confirm
	// it answers only for tokens of challenges that are currently pending.
	HandleACMEChallenge(w http.ResponseWriter, r *http.Request)
	// GetALPNCertificate returns the certificate associated with token.
	// NOTE(review): presumably the TLS-ALPN-01 challenge certificate; the
	// caller should serve it only on handshakes that negotiate the
	// "acme-tls/1" protocol, never as a regular server certificate — confirm.
	GetALPNCertificate(token string) (*tls.Certificate, error)
}
func NewHTTPAndTLSALPNSolver ¶ added in v0.6.0
func NewHTTPAndTLSALPNSolver() HTTPAndTLSALPNSolver
type ManagedCertManager ¶ added in v0.5.0
// ManagedCertManager returns a *tls.Certificate looked up by name.
// NOTE(review): "managed" presumably means certificates supplied by
// configuration rather than issued via ACME — confirm.
type ManagedCertManager interface {
	// GetCertificate returns the certificate identified by name, or an error.
	GetCertificate(ctx context.Context, name string) (*tls.Certificate, error)
}
func NewManagedCertManager ¶ added in v0.5.0
func NewManagedCertManager(cfg *config.Config, storage StorageManager, ocspMgr OCSPManager) ManagedCertManager
type OCSPManager ¶
// OCSPManager provides OCSP staples for certificates identified by a key.
type OCSPManager interface {
	// GetOCSPStapling returns the DER-encoded staple, its nextUpdate time,
	// and an error.
	// NOTE(review): fp is presumably the certificate fingerprint and
	// checkCachedCert a callback yielding the currently cached certificate —
	// confirm. Callers should not staple a response past nextUpdate.
	GetOCSPStapling(ctx context.Context, key string, fp string, checkCachedCert CertFunc) (der []byte, nextUpdate time.Time, err error)
	// Watch takes a key and a certificate callback and returns nothing.
	// NOTE(review): presumably starts background refreshing of the staple
	// until ctx is cancelled — confirm its lifetime.
	Watch(ctx context.Context, key string, getCert CertFunc)
	// NotifyCertChange takes a key and a certificate callback.
	// NOTE(review): presumably invalidates the cached staple after the
	// certificate for key has been replaced — confirm.
	NotifyCertChange(key string, getCert CertFunc)
}
func NewOCSPManager ¶ added in v0.4.2
func NewOCSPManager() OCSPManager
type SelfSignedManager ¶ added in v0.6.0
// SelfSignedManager serves a self-signed certificate and can tell whether a
// given fingerprint belongs to one.
type SelfSignedManager interface {
	// IsSelfSigned reports whether fp identifies a self-signed certificate.
	// NOTE(review): fp is presumably a certificate fingerprint; its hash
	// algorithm and encoding are not shown here — confirm.
	IsSelfSigned(fp string) bool
	// GetCertificate returns the self-signed certificate, or an error.
	// NOTE(review): a self-signed certificate is not verifiable by clients
	// without pinning; presumably used only as a fallback — confirm.
	GetCertificate(ctx context.Context) (*tls.Certificate, error)
}
func NewSelfSignedManager ¶ added in v0.6.0
func NewSelfSignedManager(cfg *config.Config, storage StorageManager) SelfSignedManager
type Server ¶ added in v0.5.0
// Server embeds the generated pb.DRPCCertServerUnimplementedServer; its
// exported methods GetCertificate and GetOCSPStapling take pb request messages.
// NOTE(review): if GetCertificateResponse carries private-key material (its
// schema is not shown here), the RPC listener must be authenticated and
// encrypted, and reachable only by trusted clients — confirm.
type Server struct {
	pb.DRPCCertServerUnimplementedServer
	// contains filtered or unexported fields
}
func NewServer ¶ added in v0.5.0
func NewServer( cfg *config.Config, selfSigned SelfSignedManager, managed ManagedCertManager, acme ACMEManager, ocsp OCSPManager, httpSolver HTTPAndTLSALPNSolver, ) *Server
func (*Server) GetCertificate ¶ added in v0.6.0
func (p *Server) GetCertificate(ctx context.Context, req *pb.GetCertificateRequest) (*pb.GetCertificateResponse, error)
func (*Server) GetOCSPStapling ¶ added in v0.6.0
func (p *Server) GetOCSPStapling(ctx context.Context, req *pb.GetOCSPStaplingRequest) (*pb.GetOCSPStaplingResponse, error)
type Storage ¶ added in v0.6.0
// Storage is a byte-oriented key/value store with Get, Put and Delete.
// NOTE(review): StorageManager is constructed over a Storage, so values may
// include private keys; access to the backing store should be restricted.
type Storage interface {
	// Get returns the data stored under key.
	// NOTE(review): presumably returns ErrCacheMiss when key is absent — confirm.
	Get(ctx context.Context, key string) (data []byte, err error)
	// Put stores data under key.
	Put(ctx context.Context, key string, data []byte) error
	// Delete removes the entry stored under key.
	Delete(ctx context.Context, key string) error
}
func NewDirCache ¶
func NewRedisCache ¶
func NewRedisCache(cfg config.RedisConfig) (Storage, error)
type StorageManager ¶ added in v0.5.0
// StorageManager loads and saves account private keys and certificates.
// Private keys cross this interface as raw byte slices, so callers and
// implementations should keep them out of logs and error messages.
type StorageManager interface {
	// GetAccountPrivateKey returns the private key bytes stored for email.
	// NOTE(review): presumably the ACME account key, keyed by the account's
	// contact address — confirm.
	GetAccountPrivateKey(ctx context.Context, email string) ([]byte, error)
	// SaveAccountPrivateKey stores data as the private key for email.
	SaveAccountPrivateKey(ctx context.Context, email string, data []byte) error
	// LoadCertificate returns the parsed certificate together with the raw
	// pubKey and privKey bytes for the given certificate type and key.
	// NOTE(review): pubKey is presumably the PEM certificate rather than a
	// bare public key, and both values presumably PEM-encoded — confirm.
	LoadCertificate(ctx context.Context, certTyp pb.Certificate_Type, key string) (cert *tls.Certificate, pubKey, privKey []byte, err error)
	// SaveCertificate stores pubKey and privKey for the given certificate
	// type and key.
	// NOTE(review): whether privKey is encrypted before it reaches the
	// Storage backend is not visible here — verify.
	SaveCertificate(ctx context.Context, certTyp pb.Certificate_Type, key string, pubKey, privKey []byte) error
}
func NewStorageManager ¶ added in v0.5.0
func NewStorageManager(cfg *config.Config, storage Storage) StorageManager