ca

package

v0.0.0-...-7e372e6 Latest Latest Go to latest Published: Oct 29, 2015 License: MPL-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/pavel-paulau/boulder

Links

Open Source Insights

Documentation ¶

Index ¶

type CertificateAuthorityImpl
- func NewCertificateAuthorityImpl(config cmd.CAConfig, clk clock.Clock, stats statsd.Statter, issuerCert string) (*CertificateAuthorityImpl, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertificateAuthorityImpl ¶

type CertificateAuthorityImpl struct {
	Signer     signer.Signer
	OCSPSigner ocsp.Signer
	SA         core.StorageAuthority
	PA         core.PolicyAuthority
	Publisher  core.Publisher
	Clk        clock.Clock // TODO(jmhodges): should be private, like log

	Prefix         int // Prepended to the serial number
	ValidityPeriod time.Duration
	NotAfter       time.Time
	MaxNames       int
	// contains filtered or unexported fields
}

CertificateAuthorityImpl represents a CA that signs certificates, CRLs, and OCSP responses.

func NewCertificateAuthorityImpl ¶

func NewCertificateAuthorityImpl(config cmd.CAConfig, clk clock.Clock, stats statsd.Statter, issuerCert string) (*CertificateAuthorityImpl, error)

NewCertificateAuthorityImpl creates a CA that talks to a remote CFSSL instance. (To use a local signer, simply instantiate CertificateAuthorityImpl directly.) Communications with the CA are authenticated with MACs, using CFSSL's authenticated signature scheme. A CA created in this way issues for a single profile on the remote signer, which is indicated by name in this constructor.

func (*CertificateAuthorityImpl) GenerateOCSP ¶

func (ca *CertificateAuthorityImpl) GenerateOCSP(xferObj core.OCSPSigningRequest) ([]byte, error)

GenerateOCSP produces a new OCSP response and returns it

func (*CertificateAuthorityImpl) IssueCertificate ¶

func (ca *CertificateAuthorityImpl) IssueCertificate(csr x509.CertificateRequest, regID int64) (core.Certificate, error)

IssueCertificate attempts to convert a CSR into a signed Certificate, while enforcing all policies. Names (domains) in the CertificateRequest will be lowercased before storage.

func (*CertificateAuthorityImpl) RevokeCertificate ¶

func (ca *CertificateAuthorityImpl) RevokeCertificate(serial string, reasonCode core.RevocationCode) (err error)

RevokeCertificate revokes the trust of the Cert referred to by the provided Serial.

Source Files ¶

View all Source files

certificate-authority.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL