file

package

v0.0.0-...-1867f9a Latest Latest Go to latest Published: Aug 9, 2017 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/lukegb/encryptomatic

Links

Open Source Insights

Documentation ¶

Overview ¶

Package file installs certificates into flat files on disk.

Index ¶

func New(v *viper.Viper) (encryptomatic.Installer, error)
type Installer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func New ¶

func New(v *viper.Viper) (encryptomatic.Installer, error)

Types ¶

type Installer ¶

type Installer struct {
	// FullChain is the path on disk to write the entire certificate chain to, including the leaf certificate and any intermediates provided by the server.
	// If empty, no file will be written.
	FullChain string `mapstructure:"full_chain"`

	// Chain is the path to write the certificate chain to, not including the end entity certificate.
	// If empty, no file will be written.
	Chain string `mapstructure:"chain"`

	// EndEntity is the path on disk to write the certificate to.
	// If empty, no file will be written.
	EndEntity string `mapstructure:"end_entity"`

	// FullPrivateChain is the path on disk to write a bundle to, in a format suitable for HAProxy. This is FullChain with PrivateKey concatenated.
	// If empty, no file will be written.
	FullPrivateChain string `mapstructure:"full_private_chain"`

	// PrivateKey is the path on disk to write the private key to.
	// If empty, no file will be written.
	// If CertificateRequest is populated, this field is ignored and no file will be written.
	PrivateKey string `mapstructure:"private_key"`

	// If this flag is true, private keys will be written with 0666 (before umask), rather than 0600.
	// Set at your own risk.
	InsecurePrivateKey bool `mapstructure:"insecure_private_key"`

	// CertificateRequest is the path on disk to read a certificate request from.
	// If empty, a certificate request and private key will be automatically generated.
	CertificateRequest string `mapstructure:"certificate_request"`

	// BeforeCmd is a command to execute before writing the new certificate.
	// If empty, no command will be run.
	BeforeCmd []string `mapstructure:"before_cmd"`

	// AfterCmd is a command to execute after writing the new certificate.
	// If empty, no command will be run.
	AfterCmd []string `mapstructure:"after_cmd"`
}

Installer writes certificates to files on disk in various formats.

func (*Installer) GenerateCSR ¶

func (i *Installer) GenerateCSR(ctx context.Context) (*x509.CertificateRequest, error)

GenerateCSR reads a CSR off disk, if one has been provided.

func (*Installer) GetCertificate ¶

func (i *Installer) GetCertificate(ctx context.Context) (*x509.Certificate, error)

GetCertificate retrieves the current certificate from disk, or nil if none exists.

func (*Installer) SetCertificate ¶

func (i *Installer) SetCertificate(ctx context.Context, caBundle []*x509.Certificate, cert *x509.Certificate, pkey crypto.PrivateKey) (err error)

SetCertificate installs the provided certificate into the provided files.

Source Files ¶

View all Source files

file.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL