Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertificateAuthorityImpl ¶
type CertificateAuthorityImpl struct {
SA core.StorageAuthority
PA core.PolicyAuthority
Publisher core.Publisher
// contains filtered or unexported fields
}
CertificateAuthorityImpl represents a CA that signs certificates, CRLs, and OCSP responses.
func NewCertificateAuthorityImpl ¶
func NewCertificateAuthorityImpl( config cmd.CAConfig, clk clock.Clock, stats statsd.Statter, issuers []Issuer, keyPolicy core.KeyPolicy, ) (*CertificateAuthorityImpl, error)
NewCertificateAuthorityImpl creates a CA instance that can sign certificates from a single issuer (the first first in the issers slice), and can sign OCSP for any of the issuer certificates provided.
func (*CertificateAuthorityImpl) GenerateOCSP ¶
func (ca *CertificateAuthorityImpl) GenerateOCSP(xferObj core.OCSPSigningRequest) ([]byte, error)
GenerateOCSP produces a new OCSP response and returns it
func (*CertificateAuthorityImpl) IssueCertificate ¶
func (ca *CertificateAuthorityImpl) IssueCertificate(csr x509.CertificateRequest, regID int64) (core.Certificate, error)
IssueCertificate attempts to convert a CSR into a signed Certificate, while enforcing all policies. Names (domains) in the CertificateRequest will be lowercased before storage. Currently it will always sign with the defaultIssuer.
Source Files
Click to show internal directories.
Click to hide internal directories.