Documentation ¶
Index ¶
- Constants
- Variables
- func EnsureCertAndKey(clientCert, clientKey string) error
- func GetAllCertificatesAndCAs() (*x509.CertPool, []*x509.Certificate, *xcerts.Manager, error)
- func GetTLSConfig() (x509Certs []*x509.Certificate, manager *xcerts.Manager, err error)
- func LoadX509KeyPair(certFile, keyFile string) (tls.Certificate, error)
- func MkdirAllIgnorePerm(path string) error
- func ParsePublicCertFile(certFile string) (x509Certs []*x509.Certificate, err error)
- type ConfigDir
Constants ¶
const ( // DefaultConsoleConfigDir minio configuration directory where below configuration files/directories are stored. DefaultConsoleConfigDir = ".console" // CertsDir Directory contains below files/directories for HTTPS configuration. CertsDir = "certs" // CertsCADir Directory contains all CA certificates other than system defaults for HTTPS. CertsCADir = "CAs" // PublicCertFile Public certificate file for HTTPS. PublicCertFile = "public.crt" // TLSCertFile Public certificate file for HTTPS. TLSCertFile = "tls.crt" // PrivateKeyFile Private key file for HTTPS. PrivateKeyFile = "private.key" // TLSKeyFile Private key file for HTTPS. TLSKeyFile = "tls.key" )
const EnvCertPassword = "CONSOLE_CERT_PASSWD"
EnvCertPassword is the environment variable which contains the password used to decrypt the TLS private key. It must be set if the TLS private key is password protected.
Variables ¶
var ( // DefaultCertsDir certs directory. DefaultCertsDir = &ConfigDir{Path: getDefaultCertsDir()} // DefaultCertsCADir CA directory. DefaultCertsCADir = &ConfigDir{Path: getDefaultCertsCADir()} // GlobalCertsDir points to current certs directory set by user with --certs-dir GlobalCertsDir = DefaultCertsDir // GlobalCertsCADir points to relative Path to certs directory and is <value-of-certs-dir>/CAs GlobalCertsCADir = DefaultCertsCADir )
Functions ¶
func EnsureCertAndKey ¶
EnsureCertAndKey checks if both client certificate and key paths are provided
func GetAllCertificatesAndCAs ¶
GetAllCertificatesAndCAs returns all certs and cas
func GetTLSConfig ¶
func GetTLSConfig() (x509Certs []*x509.Certificate, manager *xcerts.Manager, err error)
GetTLSConfig returns the TLS config for the server
func LoadX509KeyPair ¶
func LoadX509KeyPair(certFile, keyFile string) (tls.Certificate, error)
LoadX509KeyPair - load an X509 key pair (private key , certificate) from the provided paths. The private key may be encrypted and is decrypted using the ENV_VAR: MINIO_CERT_PASSWD.
func MkdirAllIgnorePerm ¶
MkdirAllIgnorePerm attempts to create all directories, ignores any permission denied errors.
func ParsePublicCertFile ¶
func ParsePublicCertFile(certFile string) (x509Certs []*x509.Certificate, err error)
ParsePublicCertFile - parses public cert into its *x509.Certificate equivalent.