ejbca

package
v1.11.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 12, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuiltIn

func BuiltIn() catalog.BuiltIn

Types

type Config

type Config struct {
	Hostname               string `hcl:"hostname" json:"hostname"`
	CaCertPath             string `hcl:"ca_cert_path" json:"ca_cert_path"`
	ClientCertPath         string `hcl:"client_cert_path" json:"client_cert_path"`
	ClientCertKeyPath      string `hcl:"client_cert_key_path" json:"client_cert_key_path"`
	CAName                 string `hcl:"ca_name" json:"ca_name"`
	EndEntityProfileName   string `hcl:"end_entity_profile_name" json:"end_entity_profile_name"`
	CertificateProfileName string `hcl:"certificate_profile_name" json:"certificate_profile_name"`
	DefaultEndEntityName   string `hcl:"end_entity_name" json:"end_entity_name"`
	AccountBindingID       string `hcl:"account_binding_id" json:"account_binding_id"`
}

Config defines the configuration for the plugin.

type Plugin

type Plugin struct {
	// UnimplementedUpstreamAuthorityServer is embedded to satisfy gRPC
	upstreamauthorityv1.UnimplementedUpstreamAuthorityServer

	// UnimplementedConfigServer is embedded to satisfy gRPC
	configv1.UnimplementedConfigServer
	// contains filtered or unexported fields
}

Plugin implements the UpstreamAuthority plugin

func New

func New() *Plugin

New returns an instantiated EJBCA UpstreamAuthority plugin

func (*Plugin) Configure

Configure configures the EJBCA UpstreamAuthority plugin. This is invoked by SPIRE when the plugin is first loaded. After the first invocation, it may be used to reconfigure the plugin.

func (*Plugin) MintX509CAAndSubscribe

MintX509CAAndSubscribe implements the UpstreamAuthority MintX509CAAndSubscribe RPC. Mints an X.509 CA and responds with the signed X.509 CA certificate chain and upstream X.509 roots. The stream is kept open but new roots will not be published unless the CA is rotated and a new X.509 CA is minted.

Implementation note:

  • It's important that the EJBCA Certificate Profile and End Entity Profile are properly configured before using this plugin. The plugin does not attempt to configure these profiles.

func (*Plugin) PublishJWTKeyAndSubscribe

The EJBCA UpstreamAuthority plugin does not support publishing JWT keys.

func (*Plugin) SetLogger

func (p *Plugin) SetLogger(logger hclog.Logger)

SetLogger is called by the framework when the plugin is loaded and provides the plugin with a logger wired up to SPIRE's logging facilities.

func (*Plugin) Validate

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL