Documentation
¶
Index ¶
- func CertToPEMFormat(tlsCert tls.Certificate) (cert []byte, key []byte)
- func GetKongSystemSelfSignedCerts() (cert []byte, key []byte)
- func MustGenerateCert(opts ...SelfSignedCertificateOption) tls.Certificate
- func MustGenerateCertPEMFormat(opts ...SelfSignedCertificateOption) (cert []byte, key []byte)
- type SelfSignedCertificateOption
- func WithAlreadyExpired() SelfSignedCertificateOption
- func WithCATrue() SelfSignedCertificateOption
- func WithCommonName(commonName string) SelfSignedCertificateOption
- func WithDNSNames(dnsNames ...string) SelfSignedCertificateOption
- func WithMaxPathLen(maxLen int) SelfSignedCertificateOption
- func WithParent(parent tls.Certificate) SelfSignedCertificateOption
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CertToPEMFormat ¶ added in v3.4.0
func CertToPEMFormat(tlsCert tls.Certificate) (cert []byte, key []byte)
CertToPEMFormat converts a tls.Certificate to PEM format.
func GetKongSystemSelfSignedCerts ¶
GetKongSystemSelfSignedCerts returns the self-signed certificate and key with CN=*.<controllerNamespace>.svc and subjectAltName=DNS:*.<controllerNamespace>.svc.
func MustGenerateCert ¶ added in v3.4.0
func MustGenerateCert(opts ...SelfSignedCertificateOption) tls.Certificate
MustGenerateCert generates a tls.Certificate struct to be used in TLS client/listener configurations. If no parent certificate is passed using WithParent option, the certificate is self-signed thus returned cert can be used as CA for it.
func MustGenerateCertPEMFormat ¶ added in v3.4.0
func MustGenerateCertPEMFormat(opts ...SelfSignedCertificateOption) (cert []byte, key []byte)
MustGenerateCertPEMFormat generates a certificate and returns certificate and key in PEM format. If no parent certificate is passed using WithParent option, the certificate is self-signed thus returned cert can be used as CA for it.
Types ¶
type SelfSignedCertificateOption ¶ added in v3.2.0
type SelfSignedCertificateOption func(certificateOptions) certificateOptions
func WithAlreadyExpired ¶
func WithAlreadyExpired() SelfSignedCertificateOption
WithAlreadyExpired allows to generate an already expired certificate.
func WithCATrue ¶
func WithCATrue() SelfSignedCertificateOption
WithCATrue allows to use returned certificate to sign other certificates (uses BasicConstraints extension).
func WithCommonName ¶
func WithCommonName(commonName string) SelfSignedCertificateOption
func WithDNSNames ¶
func WithDNSNames(dnsNames ...string) SelfSignedCertificateOption
func WithMaxPathLen ¶ added in v3.4.0
func WithMaxPathLen(maxLen int) SelfSignedCertificateOption
WithMaxPathLen sets the MaxPathLen constraint in the certificate.
func WithParent ¶ added in v3.4.0
func WithParent(parent tls.Certificate) SelfSignedCertificateOption
WithParent allows to sign the certificate with a parent certificate.
Source Files