gnoi_cert

command
v0.0.0-...-ca39941 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 14, 2021 License: Apache-2.0 Imports: 16 Imported by: 0

README

gNOI Certificate Management Client

A simple shell binary that performs Certificate Management client operations against a gNOI Target.

Certificates

Only the Root certificate and private key are required for this client. The client will:

  • generate a client certificate for establishing the connection to the Target
  • sign target signing requests for installing or rotating certificates on the Target

The client certificates can also be provided to establish the connection to the target and will be used instead.

gNOI Certificate Management operations

  • -op provision installs a Certificate and CA Bundle on a Target that is in bootstrapping mode, accepting encrypted TLS connections;
  • -op install installs a certificate and CA Bundle on a Target where it was already provisioned. Connections are authenticated using TLS;
  • -op rotate rotates a certificate on a provisioned Target;
  • -op revoke revokes a certificate on a provisioned Target;
  • -op get gets all installed certificate on a provisioned Target;
  • -op check check if a provisioned target can generate CSRs;

Install

go get github.com/google/gnxi/gnoi_cert
go install github.com/google/gnxi/gnoi_cert

Run

./gnoi_cert \
  -target_addr localhost:9339 \
  -target_name target.com \
  -ca_key ca.key \
  -ca ca.crt \
  -op provision \
  -cert_id provision_cert

Documentation

Overview

Binary implements a Certificate Management service client.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.