Documentation ¶
Index ¶
- func NewAuthHandler(caFile, caKeyFile string, policy *config.Signing) (http.Handler, error)
- func NewAuthHandlerFromSigner(signer signer.Signer) (http.Handler, error)
- func NewHandler(caFile, caKeyFile string, policy *config.Signing) (http.Handler, error)
- func NewHandlerFromSigner(signer signer.Signer) (h *api.HTTPHandler, err error)
- type AuthHandler
- type Handler
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewAuthHandler ¶
NewAuthHandler generates a new AuthHandler using the certificate authority private key and certficate to sign certificates. If remote is not an empty string, the handler will send signature requests to the CFSSL instance contained in remote by default.
func NewAuthHandlerFromSigner ¶
NewAuthHandlerFromSigner creates a new AuthHandler from the signer that is passed in.
func NewHandler ¶
NewHandler generates a new Handler using the certificate authority private key and certficate to sign certificates. If remote is not an empty string, the handler will send signature requests to the CFSSL instance contained in remote by default.
func NewHandlerFromSigner ¶
func NewHandlerFromSigner(signer signer.Signer) (h *api.HTTPHandler, err error)
NewHandlerFromSigner generates a new Handler directly from an existing signer.
Types ¶
type AuthHandler ¶
type AuthHandler struct {
// contains filtered or unexported fields
}
An AuthHandler verifies and signs incoming signature requests.
func (*AuthHandler) Handle ¶
func (h *AuthHandler) Handle(w http.ResponseWriter, r *http.Request) error
Handle receives the incoming request, validates it, and processes it.
type Handler ¶
type Handler struct {
// contains filtered or unexported fields
}
A Handler accepts requests with a hostname and certficate parameter (which should be PEM-encoded) and returns a new signed certificate. It includes upstream servers indexed by their profile name.
func (*Handler) Handle ¶
Handle responds to requests for the CA to sign the certificate request present in the "certificate_request" parameter for the host named in the "hostname" parameter. The certificate should be PEM-encoded. If provided, subject information from the "subject" parameter will be used in place of the subject information from the CSR.