const (
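	// RegistrationURLPathV1Regexp is a regexp that matches ACME registration URLs in the V1 format.
	// Only the trailing /acme/reg/<digits> segment is constrained: the leading `.*` accepts any prefix, including any scheme and host.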
	RegistrationURLPathV1Regexp = `^.*/acme/reg/\d+$`


var (
	// OSCPMustStaple enables OCSP stapling ("OSCP" in the identifier is a misspelling of OCSP); it defaults to false.
	OSCPMustStaple = false


func CheckFile

func CheckFile(name string) (bool, error)

    CheckFile checks file permissions and content size

    func GetKeyType

    func GetKeyType(value string) certcrypto.KeyType

      GetKeyType determines which key algorithm to use for the given value


      type Account

      type Account struct {
      	Email        string
      	Registration *registration.Resource
      	PrivateKey   []byte
      	KeyType      certcrypto.KeyType

        Account stores Let's Encrypt registration info. PrivateKey carries the account's key material, so a serialized Account should be handled as a secret.

        func NewAccount

        func NewAccount(email string, keyTypeValue string) (*Account, error)

          NewAccount creates an account

          func (*Account) GetEmail

          func (a *Account) GetEmail() string

            GetEmail returns email

            func (*Account) GetPrivateKey

            func (a *Account) GetPrivateKey() crypto.PrivateKey

              GetPrivateKey returns private key

              func (*Account) GetRegistration

              func (a *Account) GetRegistration() *registration.Resource

                GetRegistration returns the Let's Encrypt registration resource

                type Certificate

                type Certificate struct {
                	Domain      types.Domain
                	Certificate []byte
                	Key         []byte

                  Certificate is a struct which contains all data needed from an ACME certificate

                  type Configuration

                  type Configuration struct {
                  	Email       string `description:"Email address used for registration"`
                  	ACMELogging bool   `description:"Enable debug logging of ACME actions."`
                  	CAServer    string `description:"CA server to use."`
                  	Storage     string `description:"Storage to use."`
                  	EntryPoint  string `description:"EntryPoint to use."`
                  	KeyType     string `` /* 150-byte string literal not displayed */
                  	OnHostRule  bool   `description:"Enable certificate generation on frontends Host rules."`
                  	OnDemand    bool   `` // Deprecated
                  	/* 189-byte string literal not displayed */
                  	DNSChallenge  *DNSChallenge  `description:"Activate DNS-01 Challenge"`
                  	HTTPChallenge *HTTPChallenge `description:"Activate HTTP-01 Challenge"`
                  	TLSChallenge  *TLSChallenge  `description:"Activate TLS-ALPN-01 Challenge"`
                  	Domains       []types.Domain `` /* 203-byte string literal not displayed */

                    Configuration holds ACME configuration provided by users

                    type DNSChallenge

                    type DNSChallenge struct {
                    	Provider                string             `description:"Use a DNS-01 based challenge provider rather than HTTPS."`
                    	DelayBeforeCheck        flaeg.Duration     `description:"Assume DNS propagates after a delay in seconds rather than finding and querying nameservers."`
                    	Resolvers               types.DNSResolvers `description:"Use following DNS servers to resolve the FQDN authority."`
                    	DisablePropagationCheck bool               `description:"Disable the DNS propagation checks before notifying ACME that the DNS challenge is ready. [not recommended]"`
                    	// contains filtered or unexported fields

                      DNSChallenge contains DNS challenge Configuration

                      type HTTPChallenge

                      type HTTPChallenge struct {
                      	EntryPoint string `description:"HTTP challenge EntryPoint"`

                        HTTPChallenge contains HTTP challenge Configuration

                        type LocalStore

                        type LocalStore struct {
                        	SaveDataChan chan *StoredData `json:"-"`
                        	// contains filtered or unexported fields

                          LocalStore is a Store implementation backed by a local file

                          func NewLocalStore

                          func NewLocalStore(filename string) *LocalStore

                            NewLocalStore initializes a new LocalStore with a file name

                            func (*LocalStore) AddTLSChallenge

                            func (s *LocalStore) AddTLSChallenge(domain string, cert *Certificate) error

                              AddTLSChallenge adds a certificate to the ACME TLS-ALPN-01 certificates storage

                              func (*LocalStore) GetAccount

                              func (s *LocalStore) GetAccount() (*Account, error)

                                GetAccount returns ACME Account

                                func (*LocalStore) GetCertificates

                                func (s *LocalStore) GetCertificates() ([]*Certificate, error)

                                  GetCertificates returns ACME Certificates list

                                  func (*LocalStore) GetHTTPChallengeToken

                                  func (s *LocalStore) GetHTTPChallengeToken(token, domain string) ([]byte, error)

                                    GetHTTPChallengeToken gets the HTTP challenge token from the store

                                    func (*LocalStore) GetTLSChallenge

                                    func (s *LocalStore) GetTLSChallenge(domain string) (*Certificate, error)

                                      GetTLSChallenge gets a certificate from the ACME TLS-ALPN-01 certificates storage

                                      func (*LocalStore) RemoveHTTPChallengeToken

                                      func (s *LocalStore) RemoveHTTPChallengeToken(token, domain string) error

                                        RemoveHTTPChallengeToken removes the HTTP challenge token from the store

                                        func (*LocalStore) RemoveTLSChallenge

                                        func (s *LocalStore) RemoveTLSChallenge(domain string) error

                                          RemoveTLSChallenge removes a certificate from the ACME TLS-ALPN-01 certificates storage

                                          func (*LocalStore) SaveAccount

                                          func (s *LocalStore) SaveAccount(account *Account) error

                                            SaveAccount stores ACME Account

                                            func (*LocalStore) SaveCertificates

                                            func (s *LocalStore) SaveCertificates(certificates []*Certificate) error

                                              SaveCertificates stores ACME Certificates list

                                              func (*LocalStore) SetHTTPChallengeToken

                                              func (s *LocalStore) SetHTTPChallengeToken(token, domain string, keyAuth []byte) error

                                                SetHTTPChallengeToken sets the HTTP challenge token in the store

                                                type Provider

                                                type Provider struct {
                                                	Store Store
                                                	// contains filtered or unexported fields

                                                  Provider holds configurations of the provider.

                                                  func (*Provider) AddRoutes

                                                  func (p *Provider) AddRoutes(router *mux.Router)

                                                    AddRoutes adds routes on the internal router

                                                    func (*Provider) GetTLSALPNCertificate

                                                    func (p *Provider) GetTLSALPNCertificate(domain string) (*tls.Certificate, error)

                                                      GetTLSALPNCertificate gets the temporary certificate for the ACME TLS-ALPN-01 challenge.

                                                      func (*Provider) Init

                                                      func (p *Provider) Init(_ types.Constraints) error

                                                        Init: for compatibility reasons, the BaseProvider implements an empty Init

                                                        func (*Provider) ListenConfiguration

                                                        func (p *Provider) ListenConfiguration(config types.Configuration)

                                                          ListenConfiguration sets a new Configuration into the configFromListenerChan

                                                          func (*Provider) ListenRequest

                                                          func (p *Provider) ListenRequest(domain string) (*tls.Certificate, error)

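                                                            ListenRequest resolves new certificates for a domain from an incoming request and returns a valid Certificate to serve (onDemand option). Issuance here is triggered by the domain an incoming request names, so it should be considered reachable by any client that can connect; the OnDemand field in Configuration is marked Deprecated.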

                                                            func (*Provider) Provide

                                                            func (p *Provider) Provide(configurationChan chan<- types.ConfigMessage, pool *safe.Pool) error

                                                              Provide allows the file provider to provide configurations to traefik using the given Configuration channel.

                                                              func (*Provider) SetCertificateStore

                                                              func (p *Provider) SetCertificateStore(certificateStore *traefiktls.CertificateStore)

                                                                SetCertificateStore initializes the certificate store

                                                                func (*Provider) SetConfigListenerChan

                                                                func (p *Provider) SetConfigListenerChan(configFromListenerChan chan types.Configuration)

                                                                  SetConfigListenerChan initializes the configFromListenerChan

                                                                  type Store

                                                                  type Store interface {
                                                                  	GetAccount() (*Account, error)
                                                                  	SaveAccount(*Account) error
                                                                  	GetCertificates() ([]*Certificate, error)
                                                                  	SaveCertificates([]*Certificate) error
                                                                  	GetHTTPChallengeToken(token, domain string) ([]byte, error)
                                                                  	SetHTTPChallengeToken(token, domain string, keyAuth []byte) error
                                                                  	RemoveHTTPChallengeToken(token, domain string) error
                                                                  	AddTLSChallenge(domain string, cert *Certificate) error
                                                                  	GetTLSChallenge(domain string) (*Certificate, error)
                                                                  	RemoveTLSChallenge(domain string) error

                                                                    Store is a generic interface that represents a storage backend

                                                                    type StoredData

                                                                    type StoredData struct {
                                                                    	Account        *Account
                                                                    	Certificates   []*Certificate
                                                                    	HTTPChallenges map[string]map[string][]byte
                                                                    	TLSChallenges  map[string]*Certificate

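                                                                      StoredData represents the data managed by the Store. It includes the ACME account (with Account.PrivateKey) and the certificates (with Certificate.Key), so any persisted or exported copy should be protected like key material.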

                                                                      type TLSChallenge

                                                                      type TLSChallenge struct{}

                                                                        TLSChallenge contains TLS challenge Configuration