pki

package
v1.1.0

This package is not in the latest version of its module.

Published: Jan 3, 2022 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func EnsureKeyMaterial

func EnsureKeyMaterial(config *Config) error

EnsureKeyMaterial checks whether the CA certificate and a local certificate/key pair are available. If not, the CA and/or the certificate are fetched from the configured (WirePact-)PKI.

func GetCA

func GetCA() *x509.Certificate

GetCA returns the fetched PKI CA certificate.

func GetJWTCertificateHeaders

func GetJWTCertificateHeaders() ([]string, string)

GetJWTCertificateHeaders returns a tuple containing the x5c and x5t headers for JWTs. The x5c header contains the signing certificate together with the CA certificate, and the x5t header contains a SHA-256 hash of the signing certificate.

Example:

x5c, x5t := pki.GetJWTCertificateHeaders()
jwt.Headers["x5c"] = x5c
jwt.Headers["x5t"] = x5t
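
The receiving side of these headers, as an added example that is not part of the WirePact package: it checks x5t against the signing certificate and validates that certificate against a CA the receiver already holds (for instance the one returned by GetCA), not against the CA copy carried in x5c. VerifySigner and newCert are hypothetical names, the certificates are constructed, and the encodings (standard-base64 DER in x5c, unpadded base64url SHA-256 in x5t) are assumptions; RFC 7515 names the SHA-256 thumbprint header x5t#S256.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

// VerifySigner (hypothetical helper) checks x5c[0] and x5t from a received JWT header.
// Assumed encodings: x5c entry = standard-base64 DER, x5t = unpadded base64url SHA-256 of it.
func VerifySigner(signer, x5t string, pinnedCA *x509.Certificate) (*x509.Certificate, error) {
	der, derr := base64.StdEncoding.DecodeString(signer)
	leaf, perr := x509.ParseCertificate(der)
	if sum := sha256.Sum256(der); derr != nil || perr != nil || base64.RawURLEncoding.EncodeToString(sum[:]) != x5t {
		return nil, fmt.Errorf("x5c[0] is not a certificate matching x5t")
	}
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	opts.Roots.AddCert(pinnedCA) // only the pinned CA is a root; the CA copy in x5c is sender-controlled
	if _, err := leaf.Verify(opts); err != nil {
		return nil, err
	}
	return leaf, nil
}

// newCert builds a constructed test certificate; a nil parent yields a self-signed CA.
func newCert(cn string, parent *x509.Certificate, pk *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey) {
	key, _ := rsa.GenerateKey(rand.Reader, 2048)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), BasicConstraintsValid: true}
	if parent == nil {
		t.IsCA, t.KeyUsage, parent, pk = true, x509.KeyUsageCertSign, t, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, pk)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

func main() {
	ca, caKey := newCert("constructed-ca", nil, nil)
	leaf, _ := newCert("constructed-translator", ca, caKey)
	sum := sha256.Sum256(leaf.Raw)
	_, err := VerifySigner(base64.StdEncoding.EncodeToString(leaf.Raw), base64.RawURLEncoding.EncodeToString(sum[:]), ca)
	fmt.Println("signer accepted:", err == nil)
}
```

The returned certificate's public key is what the JWT signature should then be verified with; a certificate that fails either check is never returned.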

func GetPrivateKey

func GetPrivateKey() *rsa.PrivateKey

GetPrivateKey returns the RSA private key to sign JWTs.

Types

type Config

type Config struct {
	// The base address (uri) of the PKI.
	// This config is only compatible with the k8s-pki for WirePact
	// (https://github.com/WirePact/k8s-pki).
	BaseAddress string

	// The path of the CA (http get) endpoint.
	CAPath string

	// The path of the CSR (http post) endpoint.
	CSRPath string

	// If set, defines a relative or absolute path to a directory
	// where the key material should be stored. If omitted, the current
	// application execution directory is used.
	LocalCertPath string

	// The name that should be set in the CSR as the common name for the translator.
	CertificateCommonName string
}

Config contains the information about the PKI. It tells the certificate functions where to fetch the CA certificate and where to send the CSR.
