Documentation
Overview
Package pki contains an interface for managing the PKI for a cluster using mTLS.
Constants
const (
	// DefaultCAName is the default CA name.
	DefaultCAName = "webmesh-ca"
	// DefaultKeyType is the default key type.
	DefaultKeyType = crypto.TLSKeyECDSA
	// DefaultKeySize is the default key size.
	DefaultKeySize = 256
	// DefaultAdminName is the default admin name.
	DefaultAdminName = "admin"
	// DefaultCAExpiry is the default CA expiry.
	DefaultCAExpiry = 365 * 24 * time.Hour // 1 year
	// DefaultNodeExpiry is the default node expiry.
	DefaultNodeExpiry = 90 * 24 * time.Hour // 90 days
	// CADirectory is the name of the relative directory containing the CA.
	CADirectory = "ca"
	// NodesDirectory is the name of the relative directory containing the nodes.
	NodesDirectory = "nodes"
)
Variables
This section is empty.
Functions
This section is empty.
Types
type GenerateConfigOptions
type GenerateConfigOptions struct {
	// Name is the name of the certificate.
	Name string
	// Server is the server address.
	Server string
	// Output is the output file.
	Output string
	// ContextName sets the name of the context. Defaults to "default".
	ContextName string
	// ClusterName sets the name of the cluster. Defaults to "default".
	ClusterName string
	// UserName sets the name of the user. Defaults to "default".
	UserName string
}
GenerateConfigOptions are options for generating a new config.
type InitOptions (added in v0.15.0)
type InitOptions struct {
	// CAName is the name of the CA.
	CAName string
	// AdminName is the name of the admin user.
	AdminName string
	// KeySize is the size of the keys to generate.
	KeySize int
	// KeyType is the type of keys to generate.
	KeyType string
	// CAExpiry is the expiry of the CA.
	CAExpiry time.Duration
	// AdminExpiry is the expiry of the admin user.
	AdminExpiry time.Duration
}
InitOptions are options for generating a new PKI.
type IssueOptions
type IssueOptions struct {
	// Name is the name of the certificate.
	Name string
	// KeySize is the size of the keys to generate.
	KeySize int
	// KeyType is the type of keys to generate.
	KeyType string
	// Expiry is the expiry of the certificate.
	Expiry time.Duration
}
IssueOptions are options for issuing a new certificate.
type PKI
type PKI interface {
	// Init generates a new PKI.
	Init(InitOptions) error
	// Issue issues a new certificate.
	Issue(IssueOptions) error
	// GenerateConfig generates a new config.
	GenerateConfig(GenerateConfigOptions) error
}
PKI is an interface for managing the PKI for a cluster using mTLS.
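The package exports no constructor, so the following is an added example and not the webmesh implementation: it shows what Init followed by Issue amounts to with the documented defaults (a "webmesh-ca" CA valid for 1 year, an "admin" certificate valid for 90 days) and checks the result the way an mTLS peer would. The helper names issue and verifyClient, the mapping of ECDSA with key size 256 to curve P-256, and the chosen key usages are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue signs a certificate for cn valid for ttl; a nil parent yields a self-signed CA.
func issue(cn string, ttl time.Duration, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, kerr := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // assumption: ECDSA/256 means P-256
	serial, serr := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 127))
	if kerr != nil || serr != nil {
		return nil, nil, fmt.Errorf("key or serial generation failed: %v %v", kerr, serr)
	}
	t := &x509.Certificate{
		SerialNumber: serial, Subject: pkix.Name{CommonName: cn}, IsCA: parent == nil, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(ttl),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
	}
	if parent == nil { // CA: may sign certificates, carries no leaf usages
		t.KeyUsage, t.ExtKeyUsage = x509.KeyUsageCertSign|x509.KeyUsageCRLSign, nil
		parent, signer = t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// verifyClient checks that leaf chains to ca and is usable for TLS client auth at time at.
func verifyClient(ca, leaf *x509.Certificate, at time.Time) error {
	pool := x509.NewCertPool()
	pool.AddCert(ca)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool, CurrentTime: at, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}})
	return err
}

func main() {
	ca, caKey, _ := issue("webmesh-ca", 365*24*time.Hour, nil, nil) // DefaultCAName, DefaultCAExpiry
	node, _, _ := issue("admin", 90*24*time.Hour, ca, caKey)         // DefaultAdminName, DefaultNodeExpiry
	fmt.Println(verifyClient(ca, node, time.Now()), verifyClient(ca, node, time.Now().Add(91*24*time.Hour)))
}
```

With these lifetimes a node certificate stops verifying after 90 days while the CA is still valid, so node certificates have to be reissued several times within one CA lifetime.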