certman

package
v1.5.3
Published: Sep 29, 2022 License: MIT Imports: 23 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertificateManager

type CertificateManager struct {
	// contains filtered or unexported fields
}

CertificateManager is a struct with a goroutine that periodically checks on the status of certificate requests and moves them through the request pipeline. This is separated from the parent GDS to allow for isolated testing.

func (*CertificateManager) CertManager

func (c *CertificateManager) CertManager()

CertManager is a goroutine that periodically checks on the status of certificate requests and moves them through the request pipeline. Once CertManager detects a certificate request that is ready to submit, it submits the request via the Sectigo API. If the request is processing, it checks the batch status, and when it detects that the batch is done processing, it downloads the certs and emails them to the technical contacts. If the certificate processing fails for any reason, it sends an error message to the TRISA admins, since this will prevent the integrator from joining the network.

TODO: move completed certificate requests to archive so that the CertManager routine isn't continuously handling a growing number of requests over time.

func (*CertificateManager) HandleCertificateReissuance

func (c *CertificateManager) HandleCertificateReissuance()

HandleCertificateReissuance iterates through each VASP in the database and checks if their identity certificate will be expiring soon, sending a reminder email at the 30 and 7 day checkpoints if so, and reissuing the identity certificate 10 days before expiration.

func (*CertificateManager) HandleCertificateRequests

func (c *CertificateManager) HandleCertificateRequests()

HandleCertificateRequests performs one iteration through the certificate requests in the database and handles each sequentially, progressing them by modifying the status fields in the database. Note that this method logs errors instead of returning them to the caller.

func (*CertificateManager) Run

func (c *CertificateManager) Run(wg *sync.WaitGroup) error

Run starts the CertManager as a goroutine under the provided waitgroup. For graceful shutdown, the caller must invoke the Stop method to signal the CertManager routine to stop and block on the waitgroup if provided.

func (*CertificateManager) Stop

func (c *CertificateManager) Stop()

Stop signals the CertManager routine to shut down. Note: This does not wait for the CertManager to stop, and the caller should block on the waitgroup passed to the Run method in order to implement a graceful shutdown.
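
The Run/Stop contract described above, as an added sketch that is not the package's own code: `stubCertMan` and `runAndShutdown` are hypothetical names, and the stub's timed loop is an assumption standing in for the unexported CertManager routine.

```go
package main

import (
	"sync"
	"sync/atomic"
	"time"
)

// stubCertMan is a hypothetical stand-in, not the package's implementation;
// Run and Stop use the signatures this page lists for Service.
type stubCertMan struct {
	interval time.Duration
	stop     chan struct{}
	passes   int64 // loop iterations completed
}

func (s *stubCertMan) Stop() { close(s.stop) } // signals only, does not wait

func (s *stubCertMan) Run(wg *sync.WaitGroup) error {
	wg.Add(1) // this stub assumes a non-nil waitgroup
	go func() {
		defer wg.Done()
		for {
			select {
			case <-s.stop:
				return
			case <-time.After(s.interval): // stand-in for one pass over requests
				atomic.AddInt64(&s.passes, 1)
			}
		}
	}()
	return nil
}

// runAndShutdown is the caller side: Stop signals, wg.Wait blocks until exit.
func runAndShutdown(s *stubCertMan, d time.Duration) (int64, error) {
	var wg sync.WaitGroup
	if err := s.Run(&wg); err != nil {
		return 0, err
	}
	time.Sleep(d) // stand-in for serving until a shutdown signal arrives
	s.Stop()
	wg.Wait() // returns only after the goroutine has exited
	return atomic.LoadInt64(&s.passes), nil
}

func main() {
	runAndShutdown(&stubCertMan{interval: time.Millisecond, stop: make(chan struct{})}, 20*time.Millisecond)
}
```
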

type Disabled added in v1.5.2

type Disabled struct{}

Disabled implements the certman.Service interface but is essentially a no-op that warns that the certificate manager is disabled. This allows outside users to interact with certman without having to check if it's enabled.

func (*Disabled) CertManager added in v1.5.2

func (d *Disabled) CertManager()

func (*Disabled) HandleCertificateReissuance added in v1.5.2

func (d *Disabled) HandleCertificateReissuance()

func (*Disabled) HandleCertificateRequests added in v1.5.2

func (d *Disabled) HandleCertificateRequests()

func (*Disabled) Run added in v1.5.2

func (d *Disabled) Run(*sync.WaitGroup) error

func (*Disabled) Stop added in v1.5.2

func (d *Disabled) Stop()

type Service added in v1.5.2

type Service interface {
	Run(*sync.WaitGroup) error
	Stop()
	CertManager()
	HandleCertificateRequests()
	HandleCertificateReissuance()
}

Service defines the CertMan goroutine interface for outside users to interact with the certificate manager directly.

func New

func New(conf config.CertManConfig, db store.Store, secret *secrets.SecretManager, email *emails.EmailManager) (_ Service, err error)
