Documentation
¶
Index ¶
- Variables
- func Enroll(ctx context.Context, enrollment *gen.Enrollment, authority pki.Source, ...) (*gen.Enrollment, error)
- func Forget(ctx context.Context, enrollment *gen.Enrollment, tlsConfig *tls.Config) error
- func Inspect(ctx context.Context, address string) (*gen.HubNodeInspection, error)
- func Renew(ctx context.Context, enrollment *gen.Enrollment, authority pki.Source, ...) (*gen.Enrollment, error)
Constants ¶
This section is empty.
Variables ¶
Functions ¶
func Enroll ¶
func Enroll(ctx context.Context, enrollment *gen.Enrollment, authority pki.Source, remoteRoots ...string) (*gen.Enrollment, error)
Enroll sets up the PKI for a remote Smart Core node. This connects to the remote node specified by enrollment.TargetAddress, constructs a new client certificate signed using the certificate and key from authority, and invokes CreateEnrollment on the target with this information. The Certificate and RootCAs will be computed from the authority and will be ignored if provided in enrollment. If any remoteRoots are provided, the remote server will be checked using these as trust roots, otherwise any remote certificate will be allowed.
func Forget ¶
Forget asks a remote node to forget that they are enrolled using the given enrollment. Forget assumes that if the remote node trusts us then they also trust us to delete the enrollment. If certificate validation fails, we try again but this time check the remote enrollment against the passed one so we aren't deleting random enrollments.
func Renew ¶
func Renew(ctx context.Context, enrollment *gen.Enrollment, authority pki.Source, tlsConfig *tls.Config) (*gen.Enrollment, error)
Renew updates the PKI for a remote Smart Core node. This connects to the remote node specified by enrollment.TargetAddress using tlsConfig, signs the servers public certificate using authority, and calls EnrollmentApi.UpdateEnrollment on the remote node.
Types ¶
This section is empty.
Source Files