Documentation ¶
Index ¶
- Variables
- func GetPEMCertExpiration(cert []byte) (time.Time, error)
- type CertificateResource
- type Client
- func (c *Client) AgreeToTos() error
- func (c *Client) ObtainCertificates(domains []string) ([]CertificateResource, error)
- func (c *Client) Register() (*RegistrationResource, error)
- func (c *Client) RenewCertificate(cert CertificateResource, revokeOld bool) (CertificateResource, error)
- func (c *Client) RevokeCertificate(certificate []byte) error
- type Registration
- type RegistrationResource
- type User
Constants ¶
This section is empty.
Variables ¶
var Logger *log.Logger
Logger is used to log errors; if nil, the default log.Logger is used.
Functions ¶
Types ¶
type CertificateResource ¶
type CertificateResource struct { Domain string `json:"domain"` CertURL string `json:"certUrl"` CertStableURL string `json:"certStableUrl"` PrivateKey []byte `json:"-"` Certificate []byte `json:"-"` }
CertificateResource represents a CA issued certificate. PrivateKey and Certificate are both already PEM encoded and can be directly written to disk.
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client is the user-friendy way to ACME
func NewClient ¶
NewClient creates a new client for the set user. caURL - The root url to the boulder instance you want certificates from usr - A filled in user struct optPort - The alternative port to listen on for challenges. devMode - If set to true, all CanSolve() checks are skipped.
func (*Client) AgreeToTos ¶
AgreeToTos updates the Client registration and sends the agreement to the server.
func (*Client) ObtainCertificates ¶
func (c *Client) ObtainCertificates(domains []string) ([]CertificateResource, error)
ObtainCertificates tries to obtain certificates from the CA server using the challenges it has configured. The returned certificates are PEM encoded byte slices.
func (*Client) Register ¶
func (c *Client) Register() (*RegistrationResource, error)
Register the current account to the ACME server.
func (*Client) RenewCertificate ¶
func (c *Client) RenewCertificate(cert CertificateResource, revokeOld bool) (CertificateResource, error)
RenewCertificate takes a CertificateResource and tries to renew the certificate. If the renewal process succeeds, the new certificate will replace the old one in the CertResource. Please be aware that this function will return a new certificate in ANY case that is not an error. If the server does not provide us with a new cert on a GET request to the CertURL this function will start a new-cert flow where a new certificate gets generated.
func (*Client) RevokeCertificate ¶
RevokeCertificate takes a PEM encoded certificate and tries to revoke it at the CA.
type Registration ¶
type Registration struct { Resource string `json:"resource,omitempty"` ID int `json:"id"` Key struct { Kty string `json:"kty"` N string `json:"n"` E string `json:"e"` } `json:"key"` Contact []string `json:"contact"` Agreement string `json:"agreement,omitempty"` Authorizations string `json:"authorizations,omitempty"` Certificates string `json:"certificates,omitempty"` }
Registration is returned by the ACME server after the registration The client implementation should save this registration somewhere.
type RegistrationResource ¶
type RegistrationResource struct { Body Registration URI string NewAuthzURL string TosURL string }
RegistrationResource represents all important informations about a registration of which the client needs to keep track itself.
type User ¶
type User interface { GetEmail() string GetRegistration() *RegistrationResource GetPrivateKey() *rsa.PrivateKey }
User interface is to be implemented by users of this library. It is used by the client type to get user specific information.