cert_manager

package
v0.20.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 27, 2019 License: MIT Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AcmeClient added in v0.20.2

type AcmeClient interface {
	Accept(ctx context.Context, chal *acme.Challenge) (*acme.Challenge, error)
	Authorize(ctx context.Context, domain string) (*acme.Authorization, error)
	CreateCert(ctx context.Context, csr []byte, exp time.Duration, bundle bool) (der [][]byte, certURL string, err error)
	HTTP01ChallengeResponse(token string) (string, error)
	RevokeAuthorization(ctx context.Context, url string) error
	TLSALPN01ChallengeCert(token, domain string, opt ...acme.CertOption) (cert tls.Certificate, err error)
	WaitAuthorization(ctx context.Context, url string) (*acme.Authorization, error)
}

type DomainChecker added in v0.20.2

type DomainChecker interface {
	// IsDomainAllowed called for check domain for allow certificate
	// It can call concurrency for many domains same time
	// guarantee about domain will correct domain name (as minimum for character set)
	IsDomainAllowed(ctx context.Context, domain string) (bool, error)
}

type DomainName

type DomainName string // Normalized domain name.

func (DomainName) ASCII

func (d DomainName) ASCII() string

func (DomainName) FullString

func (d DomainName) FullString() string

func (DomainName) String

func (d DomainName) String() string

func (DomainName) Unicode

func (d DomainName) Unicode() string

type GetContext

type GetContext interface {
	GetContext() context.Context
}

type Manager

type Manager struct {
	CertificateIssueTimeout time.Duration
	Cache                   cache.Bytes

	// Client is used to perform low-level operations, such as account registration
	// and requesting new certificates.
	//
	// If Client is nil, a zero-value acme.Client is used with acme.LetsEncryptURL
	// as directory endpoint. If the Client.Key is nil, a new ECDSA P-256 key is
	// generated and, if Cache is not nil, stored in cache.
	//
	// Mutating the field after the first call of GetCertificate method will have no effect.
	Client               AcmeClient
	DomainChecker        DomainChecker
	EnableHTTPValidation bool
	EnableTLSValidation  bool
	SaveJSONMeta         bool
	// contains filtered or unexported fields
}

Interface inspired to https://godoc.org/golang.org/x/crypto/acme/autocert#Manager but not compatible guarantee

func New

func New(client AcmeClient, c cache.Bytes) *Manager

func (*Manager) GetCertificate

func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (resultCert *tls.Certificate, err error)

GetCertificate implements the tls.Config.GetCertificate hook.

func (*Manager) HandleHttpValidation

func (m *Manager) HandleHttpValidation(w http.ResponseWriter, r *http.Request) bool

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL