acmeagent

package module
v0.0.0-...-5d42ba7 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 7, 2016 License: MIT Imports: 22 Imported by: 1

README

go-cloud-acmeagent

(WIP) ACME Agent For Cloud Services

DESCRIPTION

This library wraps around cloud services like Google Cloud Platform and Amazon Web Services, so that you can programatically.

State informations such as account data and per-domain authorizations can also be stored in Google Cloud Storage and Amazon S3 and such.

Documentation

Index

Constants

View Source
const (
	DNSChallenge    = "dns-01"
	HTTPChallenge   = "http-01"
	TLSSNIChallenge = "tls-sni-01"
)
View Source
const LetsEncryptStagingURL = "https://acme-staging.api.letsencrypt.org/directory"
View Source
const LetsEncryptURL = "https://acme-v01.api.letsencrypt.org/directory"

Variables

View Source
var DefaultDirectoryURL = LetsEncryptURL

Functions

This section is empty.

Types

type ACMEError

type ACMEError struct {
	StatusCode int
	Type       string `json:"type"`
	Detail     string `json:"detail"`
}

See https://tools.ietf.org/html/draft-ietf-acme-acme-01#section-5.4

func (*ACMEError) Error

func (e *ACMEError) Error() string

type Account

type Account struct {
	URL       string
	TOS       string
	AgreedTOS time.Time
}

Account to holds the registration information

type AcmeAgent

type AcmeAgent struct {
	Store StateStorage
	// contains filtered or unexported fields
}

func New

func New(opts AgentOptions) (*AcmeAgent, error)

New creates a new AcmeAgent.

func (*AcmeAgent) AuthorizeForDomain

func (aa *AcmeAgent) AuthorizeForDomain(domain string) error

func (*AcmeAgent) IssueCertificate

func (aa *AcmeAgent) IssueCertificate(cn string, domains []string, renew bool) error

func (*AcmeAgent) Register

func (aa *AcmeAgent) Register(email string) error

func (*AcmeAgent) UploadCertificate

func (aa *AcmeAgent) UploadCertificate(domain string) (certID string, err error)

func (*AcmeAgent) WaitChallengeValidation

func (aa *AcmeAgent) WaitChallengeValidation(challenges []Challenge) error

func (*AcmeAgent) WaitForCertificates

func (aa *AcmeAgent) WaitForCertificates(ctx *IssueCertificateContext, u string) (issuerCert *x509.Certificate, myCert *x509.Certificate, err error)

type AgentOptions

type AgentOptions struct {
	// DirectoryURL is the location from where to fetch the
	// various endpoints. If not specified, DefaultDirectoryURL will
	// be used.
	DirectoryURL string

	// DNSCompleter, when specified, will be used to handle dns-01
	// challenges. If not specified, then dns-01 challenges will not
	// be considered.
	DNSCompleter ChallengeCompleter

	// XXX No HTTP Completer currently available
	HTTPCompleter ChallengeCompleter

	// XXX No TLSSNI Completer currently available
	TLSSNICompleter ChallengeCompleter

	// Uploader is responsible for uploading the certificates.
	Uploader CertificateUploader

	StateStorage StateStorage
}

type Authorization

type Authorization struct {
	URL          string        `json:"url"` // URL is not included in the spec
	Status       string        `json:"status"`
	Expires      string        `json:"expires"`
	Identifier   Identifier    `json:"identifier"`
	Challenges   []Challenge   `json:"challenges"`
	Combinations []Combination `json:"combinations"`
}

func (Authorization) ExpTime

func (a Authorization) ExpTime() time.Time

func (Authorization) IsExpired

func (a Authorization) IsExpired() bool

type AuthorizationRequest

type AuthorizationRequest struct {
	Identifier Identifier `json:"identifier"`
}

func (AuthorizationRequest) MarshalJSON

func (r AuthorizationRequest) MarshalJSON() ([]byte, error)

type CertificateRequest

type CertificateRequest struct {
	Resource string `json:"resource"`
	CSR      string `json:"csr"`
}

func (CertificateRequest) MarshalJSON

func (r CertificateRequest) MarshalJSON() ([]byte, error)

type CertificateUploader

type CertificateUploader interface {
	Upload(name string, certs []*x509.Certificate, certkey *rsa.PrivateKey) error
}

type Challenge

type Challenge struct {
	URI              string     `json:"uri,omitempty"`
	Type             string     `json:"type"`
	Token            string     `json:"token"`
	KeyAuthorization string     `json:"keyAuthorization,omitempty"`
	Status           string     `json:"status,omitempty"`
	Error            *ACMEError `json:"error"`
}

type ChallengeCompleter

type ChallengeCompleter interface {
	Complete(domain, token string) error
	Cleanup(domain, token string) error
}

type ChallengeCompletionRequest

type ChallengeCompletionRequest struct {
	Resource         string `json:"resource"`
	Type             string `json:"type"`
	Token            string `json:"token"`
	KeyAuthorization string `json:"keyAuthorization,omitempty"`
}

type Combination

type Combination []int

type Identifier

type Identifier struct {
	Type  string `json:"type"`
	Value string `json:"value"`
}

type IdentifierAuthorizationContext

type IdentifierAuthorizationContext struct {
	Domain string
}

type IssueCertificateContext

type IssueCertificateContext struct {
	CommonName string
	Domains    []string
	Renew      bool
}

type RegistrationRequest

type RegistrationRequest struct {
	Agreement      string   `json:"agreement"`
	Authorizations string   `json:"authorizations"`
	Certificates   string   `json:"certificates"`
	Contact        []string `json:"contact"`
}

func (RegistrationRequest) MarshalJSON

func (r RegistrationRequest) MarshalJSON() ([]byte, error)

type StateStorage

type StateStorage interface {
	LoadAccount(interface{}) error
	SaveAccount(interface{}) error

	SaveAuthorization(string, interface{}) error
	LoadAuthorization(string, interface{}) error
	// DeleteCert deletes the stored authorization
	DeleteAuthorization(string) error

	// SaveKey saves the private key in JWK format.
	// The key must be an RSA private key.
	SaveKey(*jwk.RsaPrivateKey) error

	// LoadKey loads the stored private key.
	LoadKey(*jwk.RsaPrivateKey) error

	// SaveCertKey saves the certificate private key in PEM format.
	// The key must be an RSA private key.
	SaveCertKey(string, *jwk.RsaPrivateKey) error

	LoadCertKey(string, *jwk.RsaPrivateKey) error

	SaveCert(string, *x509.Certificate, *x509.Certificate) error

	// LoadCert loads the stored certificate
	LoadCert(string, *x509.Certificate) error

	// DeleteCert deletes the stored certificate
	DeleteCert(string) error

	// LoadCertIssuer loads the issuer certificate
	LoadCertIssuer(string, *x509.Certificate) error

	// LoadCertFullchain loads the full chain certificate
	LoadCertFullChain(string, *x509.Certificate) error
}

StateStorage stores persistent data in appropriate places, such as in a local directory or in the cloud.

type UpdateRegistrationRequest

type UpdateRegistrationRequest struct {
	Key       jwk.Key  `json:"key",omitempty`
	Contact   []string `json:"contact"`
	Agreement string   `json:"agreement,omitempty"`
}

func (UpdateRegistrationRequest) MarshalJSON

func (r UpdateRegistrationRequest) MarshalJSON() ([]byte, error)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL