issuer

package
v0.3.1 Latest Latest
Published: Apr 29, 2021 License: MIT Imports: 11 Imported by: 0

Documentation


Constants

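// DefaultIssuerBitSize is the default key size, in bits, for issued
// certificates. It applies when SelfSignedCA.BitSize is 0.
//
// Raised from 1024: a 1024-bit RSA key is below the 2048-bit minimum set by
// NIST SP 800-131A and the CA/Browser Forum Baseline Requirements, and some
// TLS stacks refuse such keys outright. Key generation is slower at 2048
// bits; callers that need a different size can set SelfSignedCA.BitSize.
const DefaultIssuerBitSize = 2048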

DefaultIssuerBitSize defines the default key size, in bits, for issued certificates. It applies when SelfSignedCA.BitSize is 0.

// DefaultIssuerRootBitSize is the default key size, in bits, for a generated
// self-signed root certificate. It applies when SelfSignedCA.RootBitSize is 0.
const DefaultIssuerRootBitSize = 2048

DefaultIssuerRootBitSize defines the default key size, in bits, for a self-signed root certificate. It applies when SelfSignedCA.RootBitSize is 0.

Variables

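var (
	// DefaultIssuerRootTmpl is the default template for the self-signed root
	// CA certificate. It is used when SelfSignedCA.RootTmpl is nil.
	//
	// The signature algorithm is SHA-256 with RSA. SHA-1 is no longer
	// collision resistant and is deprecated for certificate signatures, so it
	// is not a suitable default even for a locally trusted root.
	//
	// NotBefore and NotAfter are computed once, when the package is
	// initialised, so the two-year validity window is anchored to process
	// start rather than to the moment a root is generated.
	//
	// NOTE(review): if the root is built with x509.CreateCertificate, the
	// Issuer field is not read from the template; a self-signed certificate
	// carries its Subject as issuer name.
	// NOTE(review): OCSPServer holds a placeholder host without a URL scheme;
	// responder locations are normally full URIs. Replace or drop it when
	// supplying a custom RootTmpl.
	DefaultIssuerRootTmpl = x509.Certificate{
		SerialNumber: big.NewInt(1),
		Issuer: pkix.Name{
			CommonName:   "issuer.example.org",
			Organization: []string{"Multiproxy Issuer Org"},
		},
		Subject: pkix.Name{
			CommonName:   "root.example.org",
			Organization: []string{"Multiproxy Root Org"},
		},
		NotBefore:             time.Now(),
		NotAfter:              time.Now().Add(time.Hour * 24 * 365 * 2),
		IsCA:                  true,
		BasicConstraintsValid: true,
		OCSPServer:            []string{"ocsp.example.org"},
		DNSNames:              []string{"root.example.org"},
		SignatureAlgorithm:    x509.SHA256WithRSA,
		KeyUsage:              x509.KeyUsageCertSign,
	}

	// DefaultIssuerTmpl is the default template for issued certificates. It
	// is used when SelfSignedCA.Tmpl is nil.
	//
	// The template restricts issued certificates to TLS server
	// authentication with the digital-signature key usage. SignatureAlgorithm
	// is left unset.
	//
	// NOTE(review): the template fixes SerialNumber to 1 and sets no validity
	// period. Presumably Issue fills in a unique serial and NotBefore/NotAfter
	// per certificate; confirm, because certificates that share issuer and
	// serial are rejected by some TLS clients.
	DefaultIssuerTmpl = x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject: pkix.Name{
			Country:      []string{"AQ"},
			Organization: []string{"Multiproxy"},
		},
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
)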

Functions

This section is empty.

Types

type Issuer

// Issuer is the interface for an on-the-fly certificate generator.
type Issuer interface {
	// Issue returns a TLS certificate for the common name cn, the DNS names
	// in dnsnames and the IP addresses in ipaddresses, or an error.
	//
	// Nothing in this signature limits which names may be requested; any
	// policy on who can obtain a certificate for which name has to be
	// enforced by the caller or by the implementation.
	//
	// NOTE(review): presumably dnsnames and ipaddresses end up as subject
	// alternative names; confirm against the implementation.
	Issue(cn string, dnsnames []string, ipaddresses []net.IP) (*tls.Certificate, error)
}

Issuer defines the interface for an on-the-fly certificate generator.

type SelfSignedCA

// SelfSignedCA issues certificates signed by a CA certificate that is either
// supplied in Cert or generated as a self-signed root. Every field is
// optional and falls back to a package default.
type SelfSignedCA struct {
	// Cert is the certificate chain, together with its private key, used to
	// sign newly issued certs. The cert's key usage must include
	// x509.KeyUsageCertSign.
	//
	// Whoever holds this value can sign certificates that every client
	// trusting the CA will accept, so load it from protected storage and keep
	// the key out of logs and error messages.
	//
	// If nil, a self-signed cert will be generated. Issued certificates then
	// verify only on clients that have been told to trust that generated root.
	Cert *tls.Certificate

	// BitSize defines the key size, in bits, for issued certificate keys.
	// RSA keys shorter than 2048 bits are below current minimum
	// recommendations.
	//
	// If 0, DefaultIssuerBitSize will be used.
	BitSize int

	// RootBitSize defines the key size, in bits, for the self-signed root
	// certificate key.
	//
	// If 0, DefaultIssuerRootBitSize will be used.
	RootBitSize int

	// Tmpl is a template for issued certificates.
	//
	// If nil, DefaultIssuerTmpl will be used.
	Tmpl *x509.Certificate

	// RootTmpl is a template for the self-signed root certificate.
	//
	// If nil, DefaultIssuerRootTmpl will be used.
	RootTmpl *x509.Certificate

	// Rand is the source of randomness for generated certs. A predictable
	// reader yields predictable keys, so anything other than a
	// cryptographically secure source belongs in tests only.
	//
	// If nil, crypto/rand.Reader will be used.
	Rand io.Reader
	// contains filtered or unexported fields
}

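SelfSignedCA implements Issuer. The zero value is a valid instance that falls back to the package defaults for every field, so review those defaults (key sizes and certificate templates) before relying on it.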

func (*SelfSignedCA) Issue

func (ca *SelfSignedCA) Issue(cn string, dnsnames []string, ipaddresses []net.IP) (*tls.Certificate, error)

Issue implements the Issuer interface.
