Documentation
¶
Index ¶
- Constants
- Variables
- func CreateSelfSignedCertificate(validDays int, organization []string) (certPEM, privKeyPEM []byte, err error)
- func EncodeECDSAKey(w io.Writer, key *ecdsa.PrivateKey) error
- func EncodeRSAKey(w io.Writer, key *rsa.PrivateKey) error
- func FlushLogs()
- func GetManagedCertificate(certKey string) (*tls.Certificate, error)
- func GetSelfSignedCertificate() (*tls.Certificate, error)
- func HostWhitelist(hosts ...string) autocert.HostPolicy
- func InitConfig()
- func InitFlags()
- func IsManagedDomain(domain string) (certKey string, ok bool)
- func IsSelfSignedAllowed(domain string) bool
- func NewDirCache(cacheDir string) (autocert.Cache, error)
- func NewOCSPManager() *ocspManager
- func NewRedisCache(cfg redisConfig) (autocert.Cache, error)
- func RegexpWhitelist(patterns ...*regexp.Regexp) autocert.HostPolicy
- type Manager
- func (m *Manager) BuildRoutes(mux *http.ServeMux)
- func (m *Manager) GetAutocertALPN01Certificate(name string) (*tls.Certificate, error)
- func (m *Manager) GetAutocertCertificate(name string) (*tls.Certificate, error)
- func (m *Manager) GetCertificateByName(name string) (tlscert *tls.Certificate, certType int, err error)
- func (m *Manager) GetOCSPStaplingByName(name string, fingerprint string) ([]byte, time.Time, error)
- func (m *Manager) HandleCertificate(w http.ResponseWriter, r *http.Request)
- func (m *Manager) HandleOCSPStapling(w http.ResponseWriter, r *http.Request)
- func (m *Manager) KeyName(domain string) string
- func (m *Manager) OCSPKeyName(domain string) string
Constants ¶
// Certificate types.
//
// Values smaller than 100 are for certificates which have OCSP stapling;
// values equal to or larger than 100 are for certificates which don't.
// NOTE(review): presumably these are the values of the certType result of
// Manager.GetCertificateByName — confirm against the implementation.
const (
	LetsEncrypt = 0   // below 100: has OCSP stapling
	Managed     = 1   // below 100: has OCSP stapling
	SelfSigned  = 100 // 100 or above: no OCSP stapling
	ALPNCert    = 101 // 100 or above: no OCSP stapling
)
Certificate types:
- values smaller than 100 are for certificates which have OCSP stapling;
- values equal to or larger than 100 are for certificates which don't have OCSP stapling.
Variables ¶
// Fixed response bodies, stored as byte slices.
// NOTE(review): presumably written by the HTTP handlers for their 400 and 500
// responses — confirm against the handler code.
// These are exported package-level slices, so any importing package can modify
// their contents or reassign them; treat them as read-only.
var (
	RspInvalidDomainName     = []byte("Invalid domain name.")
	RspHostNotPermitted      = []byte("Host name not permitted.")
	RspCertificateIsExpired  = []byte("Certificate is expired.")
	RspErrGetCertificate     = []byte("Error getting certificate.")
	RspErrMarshalCertificate = []byte("Error marshal certificate.")
)
// Sentinel errors created with errors.New; compare with errors.Is rather than
// by message text.
var (
	// ErrStaplingNotCached carries the message "OCSP stapling is not cached".
	ErrStaplingNotCached = errors.New("OCSP stapling is not cached")
	// ErrCertfuncNotFound carries the message "certificate func not found".
	ErrCertfuncNotFound = errors.New("certificate func not found")
)
// Cfg points to a zero-valued config when the package is initialised.
// NOTE(review): presumably populated by InitConfig — confirm. The config type
// is unexported, so its fields are not visible in this listing.
var Cfg = &config{}
// DefaultSelfSignedOrganization is a package-level default organization list.
// NOTE(review): presumably used as the certificate organization for
// self-signed certificates when none is configured — confirm against callers.
var DefaultSelfSignedOrganization = []string{"SSL Cert Server Self-Signed"}
// ErrHostNotPermitted is a sentinel error with the message "host not permitted".
// NOTE(review): presumably returned by the host policies (HostWhitelist,
// RegexpWhitelist) when a host is rejected — confirm against the implementation.
var ErrHostNotPermitted = errors.New("host not permitted")
// Flags is a package-level struct with two fields.
// NOTE(review): presumably filled from the command line by InitFlags — confirm.
var Flags struct {
	ShowVersion bool // default: false
	// The documented default is a relative path, so which file it names
	// depends on the working directory the process is started in.
	ConfigFile string // default: "./conf.yaml"
}
// OCSPManager is the package-level value returned by NewOCSPManager, created
// when the package is initialised. Its type, *ocspManager, is unexported.
var OCSPManager = NewOCSPManager()
Functions ¶
func EncodeECDSAKey ¶
func EncodeECDSAKey(w io.Writer, key *ecdsa.PrivateKey) error
func EncodeRSAKey ¶
func EncodeRSAKey(w io.Writer, key *rsa.PrivateKey) error
func GetManagedCertificate ¶
func GetManagedCertificate(certKey string) (*tls.Certificate, error)
func GetSelfSignedCertificate ¶
func GetSelfSignedCertificate() (*tls.Certificate, error)
func HostWhitelist ¶
func HostWhitelist(hosts ...string) autocert.HostPolicy
func InitConfig ¶
func InitConfig()
func IsManagedDomain ¶
func IsSelfSignedAllowed ¶
func NewOCSPManager ¶ added in v0.4.2
func NewOCSPManager() *ocspManager
func NewRedisCache ¶
func RegexpWhitelist ¶
func RegexpWhitelist(patterns ...*regexp.Regexp) autocert.HostPolicy
Types ¶
type Manager ¶
// Manager is the type whose methods look up certificates and OCSP stapling by
// name and serve the HandleCertificate and HandleOCSPStapling HTTP handlers.
type Manager struct {
	// NOTE(review): presumably forces RSA keys instead of ECDSA — confirm
	// against the implementation.
	ForceRSA bool
	// contains filtered or unexported fields
}
func GetManager ¶
func GetManager() *Manager
func (*Manager) BuildRoutes ¶
func (*Manager) GetAutocertALPN01Certificate ¶ added in v0.4.1
func (m *Manager) GetAutocertALPN01Certificate(name string) (*tls.Certificate, error)
func (*Manager) GetAutocertCertificate ¶ added in v0.4.1
func (m *Manager) GetAutocertCertificate(name string) (*tls.Certificate, error)
func (*Manager) GetCertificateByName ¶
func (*Manager) GetOCSPStaplingByName ¶
func (*Manager) HandleCertificate ¶
func (m *Manager) HandleCertificate(w http.ResponseWriter, r *http.Request)
HandleCertificate handles requests of SSL certificate.
Possible responses are:
- 200 with the certificate data as response
- 400 which indicates the requested domain name is invalid or not permitted
- 500 which indicates the server failed to process the request; in that case, the body will be filled with the error message
func (*Manager) HandleOCSPStapling ¶
func (m *Manager) HandleOCSPStapling(w http.ResponseWriter, r *http.Request)
HandleOCSPStapling handles requests of OCSP stapling.
Possible responses are:
- 200 with the OCSP response as body
- 204 without body, which indicates OCSP stapling for the requested domain is not available, temporarily or permanently
- 400 which indicates the requested domain name is invalid or not permitted
func (*Manager) OCSPKeyName ¶