Documentation
¶
Index ¶
Constants ¶
View Source
const ( // VolumePath is the path at which the tls cert and private key (if any) // will be mounted in the pachd pod VolumePath = "/pachd-tls-cert" // CertFile is the name of the mounted file containing a TLS certificate // that identifies pachd CertFile = "tls.crt" // KeyFile is the name of the mounted file containing a private key // corresponding to the public certificate in TLSCertFile KeyFile = "tls.key" // CertCheckFrequency is how often we check for a renewed TLS certificate CertCheckFrequency = time.Hour )
Variables ¶
This section is empty.
Functions ¶
func GetCertPaths ¶
GetCertPaths gets the paths to the cert and key files within a cluster
Types ¶
type CertLoader ¶
type CertLoader struct {
// contains filtered or unexported fields
}
CertLoader provides simple hot TLS certificate reloading by checking for a renewed certificate at a configurable interval
func NewCertLoader ¶
func NewCertLoader(certPath, keyPath string, refreshInterval time.Duration) *CertLoader
NewCertLoader creates a new CertLoader to refresh the specified TLS key at a fixed interval
func (*CertLoader) GetCertificate ¶
func (l *CertLoader) GetCertificate(_ *tls.ClientHelloInfo) (*tls.Certificate, error)
GetCertificate gets the currently cached certificate and fulfills
func (*CertLoader) LoadAndStart ¶
func (l *CertLoader) LoadAndStart() error
LoadAndStart ensures the current TLS certificate is loaded and starts the reload routine to poll for renewed certificates
Source Files
Click to show internal directories.
Click to hide internal directories.