ssl

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 11, 2015 License: Apache-2.0, Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package ssl provides information and interaction with the SSL Termination feature of the Rackspace Cloud Load Balancer service.

You may only enable and configure SSL termination on load balancers with non-secure protocols, such as HTTP, but not HTTPS.

SSL-terminated load balancers decrypt the traffic at the traffic manager and pass unencrypted traffic to the back-end node. Because of this, the customer's back-end nodes don't know what protocol the client requested. For this reason, the X-Forwarded-Proto (XFP) header has been added for identifying the originating protocol of an HTTP request as "http" or "https" depending on what protocol the client requested.

Not every service returns certificates in the proper order. Please verify that your chain of certificates matches that of walking up the chain from the domain to the CA root.

If used for HTTP to HTTPS redirection, the LoadBalancer's securePort attribute must be set to 443, and its secureTrafficOnly attribute must be true.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ListCerts 

func ListCerts(c *gophercloud.ServiceClient, lbID int) pagination.Pager

ListCerts will list all of the certificate mappings associated with a SSL-terminated HTTP load balancer.

Types

type CertPage 

type CertPage struct {
	pagination.LinkedPageBase
}

CertPage represents a page of certificates.

func (CertPage) IsEmpty 

func (p CertPage) IsEmpty() (bool, error)

IsEmpty checks whether a CertMappingPage struct is empty.

type Certificate 

type Certificate struct {
	ID             int
	HostName       string
	Certificate    string
	IntCertificate string `mapstructure:"intermediateCertificate"`
}

Certificate represents an SSL certificate associated with an SSL-terminated HTTP load balancer.

func ExtractCerts 

func ExtractCerts(page pagination.Page) ([]Certificate, error)

ExtractCerts accepts a Page struct, specifically a CertPage struct, and extracts the elements into a slice of Cert structs. In other words, a generic collection is mapped into a relevant slice.

type CreateCertOpts 

type CreateCertOpts struct {
	HostName       string
	PrivateKey     string
	Certificate    string
	IntCertificate string
}

CreateCertOpts represents the options used when adding a new certificate mapping.

func (CreateCertOpts) ToCertCreateMap 

func (opts CreateCertOpts) ToCertCreateMap() (map[string]interface{}, error)

ToCertCreateMap will cast an CreateCertOpts struct to a map for JSON serialization.

type CreateCertOptsBuilder 

type CreateCertOptsBuilder interface {
	ToCertCreateMap() (map[string]interface{}, error)
}

CreateCertOptsBuilder is the interface options structs have to satisfy in order to be used in the AddCert operation in this package.

type CreateCertResult 

type CreateCertResult struct {
	// contains filtered or unexported fields
}

CreateCertResult represents the result of an CreateCert operation.

func CreateCert 

func CreateCert(c *gophercloud.ServiceClient, lbID int, opts CreateCertOptsBuilder) CreateCertResult

CreateCert will add a new SSL certificate and allow an SSL-terminated HTTP load balancer to use it. This feature is useful because it allows multiple certificates to be used. The maximum number of certificates that can be stored per LB is 20.

func (CreateCertResult) Extract 

func (r CreateCertResult) Extract() (*Certificate, error)

Extract interprets a result as a CertMapping struct, if possible.

type DeleteResult 

type DeleteResult struct {
	gophercloud.ErrResult
}

DeleteResult represents the result of a delete operation.

func Delete 

func Delete(c *gophercloud.ServiceClient, lbID int) DeleteResult

Delete is the operation responsible for deleting the SSL Termination configuration for a load balancer.

func DeleteCert 

func DeleteCert(c *gophercloud.ServiceClient, lbID, certID int) DeleteResult

DeleteCert is the operation responsible for permanently removing a SSL certificate.

type GetCertResult 

type GetCertResult struct {
	// contains filtered or unexported fields
}

GetCertResult represents the result of a GetCert operation.

func GetCert 

func GetCert(c *gophercloud.ServiceClient, lbID, certID int) GetCertResult

GetCert will show the details of an existing SSL certificate.

func (GetCertResult) Extract 

func (r GetCertResult) Extract() (*Certificate, error)

Extract interprets a result as a CertMapping struct, if possible.

type GetResult 

type GetResult struct {
	gophercloud.Result
}

GetResult represents the result of a get operation.

func Get 

func Get(c *gophercloud.ServiceClient, lbID int) GetResult

Get is the operation responsible for showing the details of the SSL Termination configuration for a load balancer.

func (GetResult) Extract 

func (r GetResult) Extract() (*SSLTermConfig, error)

Extract interprets a GetResult as a SSLTermConfig struct, if possible.

type SSLTermConfig 

type SSLTermConfig struct {
	// The port on which the SSL termination load balancer listens for secure
	// traffic. The value must be unique to the existing LB protocol/port
	// combination
	SecurePort int `mapstructure:"securePort"`

	// The private key for the SSL certificate which is validated and verified
	// against the provided certificates.
	PrivateKey string `mapstructure:"privatekey"`

	// The certificate used for SSL termination, which is validated and verified
	// against the key and intermediate certificate if provided.
	Certificate string

	// The intermediate certificate (for the user). The intermediate certificate
	// is validated and verified against the key and certificate credentials
	// provided. A user may only provide this value when accompanied by a
	// Certificate, PrivateKey, and SecurePort. It may not be added or updated as
	// a single attribute in a future operation.
	IntCertificate string `mapstructure:"intermediatecertificate"`

	// Determines if the load balancer is enabled to terminate SSL traffic or not.
	// If this is set to false, the load balancer retains its specified SSL
	// attributes but does not terminate SSL traffic.
	Enabled bool

	// Determines if the load balancer can only accept secure traffic. If set to
	// true, the load balancer will not accept non-secure traffic.
	SecureTrafficOnly bool
}

SSLTermConfig represents the SSL configuration for a particular load balancer.

type UpdateCertOpts 

type UpdateCertOpts struct {
	HostName       string
	PrivateKey     string
	Certificate    string
	IntCertificate string
}

UpdateCertOpts represents the options needed to update a SSL certificate.

func (UpdateCertOpts) ToCertUpdateMap 

func (opts UpdateCertOpts) ToCertUpdateMap() (map[string]interface{}, error)

ToCertUpdateMap will cast an UpdateCertOpts struct into a map for JSON seralization.

type UpdateCertOptsBuilder 

type UpdateCertOptsBuilder interface {
	ToCertUpdateMap() (map[string]interface{}, error)
}

UpdateCertOptsBuilder is the interface options structs have to satisfy in order to be used in the UpdateCert operation in this package.

type UpdateCertResult 

type UpdateCertResult struct {
	// contains filtered or unexported fields
}

UpdateCertResult represents the result of an UpdateCert operation.

func UpdateCert 

func UpdateCert(c *gophercloud.ServiceClient, lbID, certID int, opts UpdateCertOptsBuilder) UpdateCertResult

UpdateCert is the operation responsible for updating the details of an existing SSL certificate.

func (UpdateCertResult) Extract 

func (r UpdateCertResult) Extract() (*Certificate, error)

Extract interprets a result as a CertMapping struct, if possible.

type UpdateOpts 

type UpdateOpts struct {
	// Required - consult the SSLTermConfig struct for more info.
	SecurePort int

	// Required - consult the SSLTermConfig struct for more info.
	PrivateKey string

	// Required - consult the SSLTermConfig struct for more info.
	Certificate string

	// Required - consult the SSLTermConfig struct for more info.
	IntCertificate string

	// Optional - consult the SSLTermConfig struct for more info.
	Enabled *bool

	// Optional - consult the SSLTermConfig struct for more info.
	SecureTrafficOnly *bool
}

UpdateOpts is the common options struct used in this package's Update operation.

func (UpdateOpts) ToSSLUpdateMap 

func (opts UpdateOpts) ToSSLUpdateMap() (map[string]interface{}, error)

ToSSLUpdateMap casts a CreateOpts struct to a map.

type UpdateOptsBuilder 

type UpdateOptsBuilder interface {
	ToSSLUpdateMap() (map[string]interface{}, error)
}

UpdateOptsBuilder is the interface options structs have to satisfy in order to be used in the main Update operation in this package.

type UpdateResult 

type UpdateResult struct {
	gophercloud.ErrResult
}

UpdateResult represents the result of an update operation.

func Update 

func Update(c *gophercloud.ServiceClient, lbID int, opts UpdateOptsBuilder) UpdateResult

Update is the operation responsible for updating the SSL Termination configuration for a load balancer.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.