vault

package
v0.10.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 21, 2021 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package vault implements the certificate.Manager interface for Hashicorp Vault as the certificate provider.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertManager

type CertManager struct {
	// contains filtered or unexported fields
}

CertManager implements certificate.Manager and contains a Hashi Vault client instance.

func NewCertManager

func NewCertManager(
	vaultAddr,
	token string,
	role string,
	cfg configurator.Configurator,
	serviceCertValidityDuration time.Duration) (*CertManager, error)

NewCertManager implements certificate.Manager and wraps a Hashi Vault with methods to allow easy certificate issuance.

func (*CertManager) GetCertificate

func (cm *CertManager) GetCertificate(cn certificate.CommonName) (certificate.Certificater, error)

GetCertificate returns a certificate given its Common Name (CN)

func (*CertManager) GetRootCertificate

func (cm *CertManager) GetRootCertificate() (certificate.Certificater, error)

GetRootCertificate returns the root certificate.

func (*CertManager) IssueCertificate

func (cm *CertManager) IssueCertificate(cn certificate.CommonName, validityPeriod time.Duration) (certificate.Certificater, error)

IssueCertificate issues a certificate by leveraging the Hashi Vault CertManager.

func (*CertManager) ListCertificates added in v0.1.0

func (cm *CertManager) ListCertificates() ([]certificate.Certificater, error)

ListCertificates lists all certificates issued

func (*CertManager) ListIssuedCertificates

func (cm *CertManager) ListIssuedCertificates() []certificate.Certificater

ListIssuedCertificates implements CertificateDebugger interface and returns the list of issued certificates.

func (*CertManager) ReleaseCertificate added in v0.6.0

func (cm *CertManager) ReleaseCertificate(cn certificate.CommonName)

ReleaseCertificate is called when a cert will no longer be needed and should be removed from the system.

func (*CertManager) RotateCertificate

func (cm *CertManager) RotateCertificate(cn certificate.CommonName) (certificate.Certificater, error)

RotateCertificate implements certificate.Manager and rotates an existing certificate.

type Certificate

type Certificate struct {
	// contains filtered or unexported fields
}

Certificate implements certificate.Certificater

func (Certificate) GetCertificateChain

func (c Certificate) GetCertificateChain() []byte

GetCertificateChain returns the PEM encoded certificate.

func (Certificate) GetCommonName

func (c Certificate) GetCommonName() certificate.CommonName

GetCommonName returns the common name of the given certificate.

func (Certificate) GetExpiration

func (c Certificate) GetExpiration() time.Time

GetExpiration implements certificate.Certificater and returns the time the given certificate expires.

func (Certificate) GetIssuingCA

func (c Certificate) GetIssuingCA() []byte

GetIssuingCA returns the root certificate signing the given cert.

func (Certificate) GetPrivateKey

func (c Certificate) GetPrivateKey() []byte

GetPrivateKey returns the PEM encoded private key of the given certificate.

func (Certificate) GetSerialNumber added in v0.6.0

func (c Certificate) GetSerialNumber() certificate.SerialNumber

GetSerialNumber returns the serial number of the given certificate.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL