Documentation
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
func IPAddressesDNSNames added in v0.2.2
func NewKeyPair
func NewKeyPair() (crypto.PublicKey, crypto.PrivateKey, error)
Types
type CA
type CA struct {
	Dir        string
	SerialFile string
	Serial     int64
	Config     *TLSCertificateConfig
}
func InitCA
InitCA ensures a certificate authority structure exists in the given directory, creating it if necessary:
    <dir>/
      ca/
        root.crt   - Root certificate bundle.
        cert.crt   - Signing certificate
        key.key    - Private key
        serial.txt - Stores the highest serial number generated by this CA
func (*CA) MakeClientConfig
func (ca *CA) MakeClientConfig(clientId string, u user.Info, defaults kclient.Config) (kclient.Config, error)
MakeClientConfig creates a folder containing certificates for the given client:
    <CA.dir>/
      <id>/
        root.crt - Root certificate bundle.
        cert.crt - Client certificate
        key.key  - Private key
The generated certificate has the following attributes:
    Subject:
      SerialNumber: user.GetUID()
      CommonName:   user.GetName()
      Organization: user.GetGroups()
    ExtKeyUsage: ExtKeyUsageClientAuth
func (*CA) MakeServerCert
func (ca *CA) MakeServerCert(name string, hostnames []string) (*TLSCertificateConfig, error)
MakeServerCert creates a folder containing certificates for the given server:
    <CA.dir>/
      <name>/
        root.crt - Root certificate bundle.
        cert.crt - Server certificate
        key.key  - Private key
The generated certificate has the following attributes:
    CommonName:  hostnames[0]
    DNSNames     subjectAltNames containing all specified hostnames
    IPAddresses  subjectAltNames containing all specified hostnames which are IP addresses
    ExtKeyUsage: ExtKeyUsageServerAuth
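The following added example (not code from this package) builds a certificate with the server attributes listed above using only the Go standard library, then checks how a client would match it by DNS name and by IP. The helper name issueServerCert, the self-signing in place of a CA signature, and the sample hostnames are assumptions made for the illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// issueServerCert (hypothetical helper, self-signed for brevity) applies the
// attributes listed above: every hostname becomes a DNSNames SAN, and any
// hostname that parses as an IP is also added as an IPAddresses SAN.
func issueServerCert(hostnames []string) (*x509.Certificate, error) {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(1), // constructed value
		Subject:      pkix.Name{CommonName: hostnames[0]},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(time.Hour),
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		DNSNames:     hostnames,
	}
	for _, h := range hostnames {
		if ip := net.ParseIP(h); ip != nil {
			t.IPAddresses = append(t.IPAddresses, ip)
		}
	}
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	der, err := x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der) // parse back to inspect what a peer sees
}

func main() {
	cert, err := issueServerCert([]string{"api.example.test", "10.0.0.1"})
	if err != nil {
		panic(err)
	}
	fmt.Println("DNS SANs:", cert.DNSNames, "IP SANs:", cert.IPAddresses)
	fmt.Println("verify by IP:", cert.VerifyHostname("10.0.0.1"))
}
```

Go's VerifyHostname compares an IP-literal host only against the IPAddresses SANs, so the IP entry in DNSNames alone would not satisfy a Go client connecting by address.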
type TLSCertificateConfig
type TLSCertificateConfig struct {
	CAFile   string
	CertFile string
	KeyFile  string
	Roots    []*x509.Certificate
	Certs    []*x509.Certificate
	Key      crypto.PrivateKey
}