Documentation
Overview
Package autotls automatically configures TLS (for SMTP, IMAP, HTTP) by requesting certificates with ACME, typically from Let's Encrypt.
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Manager
type Manager struct {
	ACMETLSConfig *tls.Config // For serving HTTPS on port 443, which is required for certificate requests to succeed.
	TLSConfig     *tls.Config // For all TLS servers not used for validating ACME requests. Like SMTP and HTTPS on ports other than 443.
	Manager       *autocert.Manager

	sync.Mutex
	// contains filtered or unexported fields
}
Manager is in charge of a single ACME identity, and automatically requests certificates for allowlisted hosts.
func Load
func Load(name, acmeDir, contactEmail, directoryURL string, shutdown <-chan struct{}) (*Manager, error)
Load returns an initialized autotls manager for "name" (used for the ACME key file and requested certs and their keys). All files are stored within acmeDir. contactEmail must be a valid email address to which notifications about ACME can be sent. directoryURL is the ACME starting point. When shutdown is closed, no new TLS connections can be created.
func (*Manager) AllowHostname
AllowHostname adds hostname for use with ACME.
func (*Manager) HostPolicy
HostPolicy decides if a host is allowed for use with ACME, i.e. whether a certificate will be returned if present and/or will be requested if not yet present. Only hosts added with AllowHostname are allowed. During shutdown, no new connections are allowed.
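The allowlist and shutdown behaviour described for AllowHostname and HostPolicy, shown as an added standard-library sketch that is not the autotls package's own code. The names allowlistPolicy, newAllowlistPolicy and normalize are hypothetical, the hostnames are constructed, and the case and trailing-dot normalization is an assumption of this example.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"strings"
	"sync"
)

// allowlistPolicy is a hypothetical type for illustration, not the autotls Manager.
type allowlistPolicy struct {
	sync.Mutex
	hosts    map[string]struct{} // Normalized hostnames allowed for ACME.
	shutdown <-chan struct{}     // Closed at shutdown.
}

func newAllowlistPolicy(shutdown <-chan struct{}) *allowlistPolicy {
	return &allowlistPolicy{hosts: map[string]struct{}{}, shutdown: shutdown}
}

func normalize(host string) string {
	return strings.TrimSuffix(strings.ToLower(host), ".") // Case-insensitive, no trailing dot.
}

func (p *allowlistPolicy) AllowHostname(host string) {
	p.Lock()
	defer p.Unlock()
	p.hosts[normalize(host)] = struct{}{}
}

// HostPolicy has the autocert.HostPolicy signature; a nil error means allowed.
func (p *allowlistPolicy) HostPolicy(ctx context.Context, host string) error {
	select {
	case <-p.shutdown:
		return errors.New("shutting down, no new TLS connections")
	default:
	}
	p.Lock()
	defer p.Unlock()
	if _, ok := p.hosts[normalize(host)]; !ok {
		return fmt.Errorf("host %q not allowlisted for ACME", host)
	}
	return nil
}

func main() {
	p := newAllowlistPolicy(make(chan struct{}))
	fmt.Println(p.HostPolicy(context.Background(), "other.example.net")) // Rejected: nothing allowlisted.
}
```

A function with this signature can be assigned to the HostPolicy field of an autocert.Manager, so that certificates are only requested for names that were explicitly added.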