Documentation ¶
Index ¶
- type SoftCAS
- func (c *SoftCAS) CreateCRL(req *apiv1.CreateCRLRequest) (*apiv1.CreateCRLResponse, error)
- func (c *SoftCAS) CreateCertificate(req *apiv1.CreateCertificateRequest) (*apiv1.CreateCertificateResponse, error)
- func (c *SoftCAS) CreateCertificateAuthority(req *apiv1.CreateCertificateAuthorityRequest) (*apiv1.CreateCertificateAuthorityResponse, error)
- func (c *SoftCAS) GetSigner() (crypto.Signer, error)
- func (c *SoftCAS) RenewCertificate(req *apiv1.RenewCertificateRequest) (*apiv1.RenewCertificateResponse, error)
- func (c *SoftCAS) RevokeCertificate(req *apiv1.RevokeCertificateRequest) (*apiv1.RevokeCertificateResponse, error)
- func (c *SoftCAS) Type() apiv1.Type
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type SoftCAS ¶
type SoftCAS struct { CertificateChain []*x509.Certificate Signer crypto.Signer CertificateSigner func() ([]*x509.Certificate, crypto.Signer, error) KeyManager kms.KeyManager }
SoftCAS implements a Certificate Authority Service using Golang or KMS crypto. This is the default CAS used in step-ca.
func (*SoftCAS) CreateCRL ¶ added in v0.23.0
func (c *SoftCAS) CreateCRL(req *apiv1.CreateCRLRequest) (*apiv1.CreateCRLResponse, error)
CreateCRL will create a new CRL based on the RevocationList passed to it
func (*SoftCAS) CreateCertificate ¶
func (c *SoftCAS) CreateCertificate(req *apiv1.CreateCertificateRequest) (*apiv1.CreateCertificateResponse, error)
CreateCertificate signs a new certificate using Golang or KMS crypto.
func (*SoftCAS) CreateCertificateAuthority ¶ added in v0.15.6
func (c *SoftCAS) CreateCertificateAuthority(req *apiv1.CreateCertificateAuthorityRequest) (*apiv1.CreateCertificateAuthorityResponse, error)
CreateCertificateAuthority creates a root or an intermediate certificate.
func (*SoftCAS) GetSigner ¶ added in v0.26.2
GetSigner implements apiv1.CertificateAuthoritySigner and returns a crypto.Signer with the intermediate key.
func (*SoftCAS) RenewCertificate ¶
func (c *SoftCAS) RenewCertificate(req *apiv1.RenewCertificateRequest) (*apiv1.RenewCertificateResponse, error)
RenewCertificate signs the given certificate template using Golang or KMS crypto.
func (*SoftCAS) RevokeCertificate ¶
func (c *SoftCAS) RevokeCertificate(req *apiv1.RevokeCertificateRequest) (*apiv1.RevokeCertificateResponse, error)
RevokeCertificate revokes the given certificate in step-ca. In SoftCAS this operation is a no-op as the actual revoke will happen when we store the entry in the db.