tresor

package

v1.1.0 Latest Latest Go to latest Published: Apr 14, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/openservicemesh/osm

Links

Open Source Insights

README ¶

Tresor Certificate Provider

The Tresor package is a minimal certificate issuance facility, which leverages Go's crypto libraries to generate a CA, and issue certificates for Envoy-to-xDS communication as well as Envoy-to-Envoy (east-west) between services.

Documentation ¶

Overview ¶

Package tresor implements the certificate.Manager interface for Tresor, a custom certificate provider in OSM.

Index ¶

func NewCA(cn certificate.CommonName, validityPeriod time.Duration, ...) (*certificate.Certificate, error)
func NewCertificateFromPEM(pemCert pem.Certificate, pemKey pem.PrivateKey) (*certificate.Certificate, error)
func NewFake(msgBroker *messaging.Broker) certificate.Manager
func NewFakeCertificate() *certificate.Certificate
type CertManager
- func New(ca *certificate.Certificate, certificatesOrganization string, keySize int) (*CertManager, error)
- func (cm *CertManager) IssueCertificate(cn certificate.CommonName, validityPeriod time.Duration) (*certificate.Certificate, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewCA ¶

func NewCA(cn certificate.CommonName, validityPeriod time.Duration, rootCertCountry, rootCertLocality, rootCertOrganization string) (*certificate.Certificate, error)

NewCA creates a new Certificate Authority.

func NewCertificateFromPEM ¶

func NewCertificateFromPEM(pemCert pem.Certificate, pemKey pem.PrivateKey) (*certificate.Certificate, error)

NewCertificateFromPEM is a helper returning a *certificate.Certificate from the PEM components given.

func NewFake ¶ added in v1.1.0

func NewFake(msgBroker *messaging.Broker) certificate.Manager

NewFake constructs a fake certificate client using a certificate

func NewFakeCertificate ¶ added in v0.4.1

func NewFakeCertificate() *certificate.Certificate

NewFakeCertificate is a helper creating Certificates for unit tests.

Types ¶

type CertManager ¶

type CertManager struct {
	// contains filtered or unexported fields
}

CertManager implements certificate.Manager

func New ¶ added in v1.1.0

func New(
	ca *certificate.Certificate,
	certificatesOrganization string,
	keySize int) (*CertManager, error)

New constructs a new certificate client using a certificate

func (*CertManager) IssueCertificate ¶

func (cm *CertManager) IssueCertificate(cn certificate.CommonName, validityPeriod time.Duration) (*certificate.Certificate, error)

IssueCertificate requests a new signed certificate from the configured cert-manager issuer.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL