server

package

v0.4.0 Latest Latest Go to latest Published: Aug 16, 2020 License: MIT Imports: 39 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/jxskiss/ssl-cert-server

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func CreateSelfSignedCertificate(validDays int, organization []string) (certPEM, privKeyPEM []byte, err error)
func EncodeECDSAKey(w io.Writer, key *ecdsa.PrivateKey) error
func EncodeRSAKey(w io.Writer, key *rsa.PrivateKey) error
func FlushLogs()
func GetManagedCertificate(certKey string) (*tls.Certificate, error)
func GetSelfSignedCertificate() (*tls.Certificate, error)
func HostWhitelist(hosts ...string) autocert.HostPolicy
func InitConfig()
func InitFlags()
func IsManagedDomain(domain string) (certKey string, ok bool)
func IsSelfSignedAllowed(domain string) bool
func NewDirCache(cacheDir string) (autocert.Cache, error)
func NewRedisCache(redisURL string) (autocert.Cache, error)
func RegexpWhitelist(patterns ...*regexp.Regexp) autocert.HostPolicy
type Manager
- func GetManager() *Manager

Constants ¶

View Source

const (
	LetsEncrypt = 0
	Managed     = 1
	SelfSigned  = 100
)

certificate types

Variables ¶

View Source

var (
	RspInvalidDomainName    = []byte("Invalid domain name.")
	RspHostNotPermitted     = []byte("Host name not permitted.")
	RspCertificateIsExpired = []byte("Certificate is expired.")
	RspErrGetCertificate    = []byte("Error getting certificate.")
	RspErrEncodeCertificate = []byte("Error encode certificate.")
)

View Source

var (
	ErrStaplingNotCached = errors.New("OCSP stapling is not cached")
	ErrCertfuncNotFound  = errors.New("certificate func not found")
)

View Source

var Cfg = &config{}

View Source

var DefaultSelfSignedOrganization = []string{"SSL Cert Server Self-Signed"}

View Source

var ErrHostNotPermitted = errors.New("host not permitted")

View Source

var Flags struct {
	ShowVersion bool   // default: false
	ConfigFile  string // default: "./conf.yaml"
}

View Source

var OCSPManager = &ocspManager{}

Functions ¶

func CreateSelfSignedCertificate ¶

func CreateSelfSignedCertificate(validDays int, organization []string) (certPEM, privKeyPEM []byte, err error)

func EncodeECDSAKey ¶

func EncodeECDSAKey(w io.Writer, key *ecdsa.PrivateKey) error

func EncodeRSAKey ¶

func EncodeRSAKey(w io.Writer, key *rsa.PrivateKey) error

func FlushLogs ¶

func FlushLogs()

func GetManagedCertificate ¶

func GetManagedCertificate(certKey string) (*tls.Certificate, error)

func GetSelfSignedCertificate ¶

func GetSelfSignedCertificate() (*tls.Certificate, error)

func HostWhitelist ¶

func HostWhitelist(hosts ...string) autocert.HostPolicy

func InitConfig ¶

func InitConfig()

func InitFlags ¶

func InitFlags()

func IsManagedDomain ¶

func IsManagedDomain(domain string) (certKey string, ok bool)

func IsSelfSignedAllowed ¶

func IsSelfSignedAllowed(domain string) bool

func NewDirCache ¶

func NewDirCache(cacheDir string) (autocert.Cache, error)

func NewRedisCache ¶

func NewRedisCache(redisURL string) (autocert.Cache, error)

func RegexpWhitelist ¶

func RegexpWhitelist(patterns ...*regexp.Regexp) autocert.HostPolicy

Types ¶

type Manager ¶

type Manager struct {
	ForceRSA bool
	// contains filtered or unexported fields
}

func GetManager ¶

func GetManager() *Manager

func (*Manager) BuildRoutes ¶

func (m *Manager) BuildRoutes(mux *http.ServeMux)

func (*Manager) GetCertificate ¶

func (m *Manager) GetCertificate(name string) (*tls.Certificate, error)

func (*Manager) GetCertificateByName ¶

func (m *Manager) GetCertificateByName(name string) (tlscert *tls.Certificate, certType int, err error)

func (*Manager) GetOCSPStaplingByName ¶

func (m *Manager) GetOCSPStaplingByName(name string, fingerprint string) ([]byte, time.Time, error)

func (*Manager) HandleCertificate ¶

func (m *Manager) HandleCertificate(w http.ResponseWriter, r *http.Request)

HandlerCertificate handlers requests of SSL certificate.

Possible responses are:

200 with the certificate data as response
400 the requested domain name is invalid or not permitted
500 which indicates the server failed to process the request, in such case, the body will be filled with the error message

func (*Manager) HandleOCSPStapling ¶

func (m *Manager) HandleOCSPStapling(w http.ResponseWriter, r *http.Request)

HandleOCSPStapling handles requests of OCSP stapling.

Possible responses are:

200 with the OCSP response as body
204 without body, which indicates OCSP stapling for the requested domain is not available, temporarily or permanently
400 which indicates the requested domain name is invalid or not permitted

func (*Manager) KeyName ¶

func (m *Manager) KeyName(domain string) string

func (*Manager) OCSPKeyName ¶

func (m *Manager) OCSPKeyName(domain string) string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL