scepserver

package

v0.0.0-...-20473b2 Latest Latest Go to latest Published: Jan 12, 2019 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/mattrax/scep

Documentation ¶

Index ¶

type Service
- func NewService(depot depot.Depot, opts ...ServiceOption) (Service, error)
type ServiceOption

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Service ¶

type Service interface {
	// GetCACaps returns a list of options
	// which are supported by the server.
	GetCACaps(ctx context.Context) ([]byte, error)

	// GetCACert returns CA certificate or
	// a CA certificate chain with intermediates
	// in a PKCS#7 Degenerate Certificates format
	GetCACert(ctx context.Context) ([]byte, int, error)

	// PKIOperation handles incoming SCEP messages such as PKCSReq and
	// sends back a CertRep PKIMessag.
	PKIOperation(ctx context.Context, msg []byte) ([]byte, error)

	// GetNextCACert returns a replacement certificate or certificate chain
	// when the old one expires. The response format is a PKCS#7 Degenerate
	// Certificates type.
	GetNextCACert(ctx context.Context) ([]byte, error)
}

Service is the interface for all supported SCEP server operations.

func NewService ¶

func NewService(depot depot.Depot, opts ...ServiceOption) (Service, error)

NewService creates a new scep service

type ServiceOption ¶

type ServiceOption func(*service) error

ServiceOption is a server configuration option

func AllowRenewal ¶

func AllowRenewal(duration int) ServiceOption

allowRenewal sets the days before expiry which we are allowed to renew (optional)

func CAKeyPassword ¶

func CAKeyPassword(pw []byte) ServiceOption

CAKeyPassword is an optional argument to NewService for specifying the CA private key password.

func ChallengePassword ¶

func ChallengePassword(pw string) ServiceOption

ChallengePassword is an optional argument to NewService which allows setting a preshared key for SCEP.

func ClientValidity ¶

func ClientValidity(duration int) ServiceOption

ClientValidity sets the validity of signed client certs in days (optional parameter)

func WithCSRVerifier ¶

func WithCSRVerifier(csrVerifier csrverifier.CSRVerifier) ServiceOption

WithCSRVerifier is an option argument to NewService which allows setting a CSR verifier.

Source Files ¶

View all Source files

service.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL