Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var DefaultCACertificate = lo.Must(decodeCertificate(embeddedCACertBytes))
var DefaultCAKey = lo.Must(decodeKey(embeddedCAKeyBytes))
Functions ¶
func GenerateRandomCA ¶
func GenerateRandomCA() (caCert *x509.Certificate, caPrivateKey *rsa.PrivateKey, err error)
func LoadDirCachedCA ¶
func LoadDirCachedCA(dir string) (*x509.Certificate, *rsa.PrivateKey, error)
func LoadUserCachedCA ¶
func LoadUserCachedCA() (*x509.Certificate, *rsa.PrivateKey, error)
Types ¶
type DynamicCertPool ¶
type DynamicCertPool struct {
// contains filtered or unexported fields
}
func LoadUserCachedCertPool ¶
func LoadUserCachedCertPool() (*DynamicCertPool, error)
func NewCertPool ¶
func NewCertPool(cert *x509.Certificate, key *rsa.PrivateKey) *DynamicCertPool
func NewDefaultCertPool ¶
func NewDefaultCertPool() *DynamicCertPool
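NewDefaultCertPool returns a pool that acts as a certificate lookup for tls.Config.GetCertificate. It uses the built-in CA certificate and key: it generates a new certificate for each hostname that is requested, signs it with the default CA certificate and key, and caches it for future requests. Generated certificates are valid for 1 year. This is for use in a MITM proxy that can decrypt TLS traffic. Note that the built-in CA key is embedded in the package (see DefaultCAKey), so it is not secret: a client that trusts DefaultCACertificate will accept certificates signed by anyone who has this package. Where that matters, build the pool with NewCertPool and a CA certificate and key you generated yourself.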
func (*DynamicCertPool) Get ¶
func (d *DynamicCertPool) Get(hostname string) (*tls.Certificate, error)
func (*DynamicCertPool) GetCertificateByHello ¶
func (d *DynamicCertPool) GetCertificateByHello(t *tls.ClientHelloInfo) (*tls.Certificate, error)
func (*DynamicCertPool) ToTLSConfig ¶
func (d *DynamicCertPool) ToTLSConfig() *tls.Config
ToTLSConfig returns a tls.Config that trusts the default CA certificate.