Documentation
Index
- func Generate(subject *pkix.Name, caCrtTemplate x509.Certificate, caKey rsa.PrivateKey) (crt *bytes.Buffer, key *bytes.Buffer, err error)
- func GenerateCA(subject *pkix.Name) (caCrt *bytes.Buffer, caKey *rsa.PrivateKey, caCrtTemplate *x509.Certificate, ...)
- func VerifyCertificate(caCrt *bytes.Buffer, crt *bytes.Buffer) (bool, error)
- type CertificateBundle
Constants
This section is empty.
Variables
This section is empty.
Functions
func Generate
func Generate(subject *pkix.Name, caCrtTemplate x509.Certificate, caKey rsa.PrivateKey) (crt *bytes.Buffer, key *bytes.Buffer, err error)
Generate takes a subject, caCrtTemplate and caKey and returns crt, key and err. If err is not nil, do not rely on crt or key being non-nil.
func GenerateCA
func GenerateCA(subject *pkix.Name) (caCrt *bytes.Buffer, caKey *rsa.PrivateKey, caCrtTemplate *x509.Certificate, err error)
GenerateCA takes a subject and returns caCrt, caKey and caCrtTemplate. The caKey and caCrtTemplate should be passed into Generate along with a similar subject, except that the CN should be different from the CA's.
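The flow these functions describe (a self-signed CA, a leaf with a different CN signed by it, then a chain check like the one VerifyCertificate's signature suggests), as an added example written against the Go standard library only. It is not this package's code: `issue`, `verify` and the subject names are hypothetical, and the certificate values are constructed samples.

```go
package main
import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// issue makes a key and PEM certificate for cn (nil parent: self-signed CA); on error ignore the other results.
func issue(cn string, parent *x509.Certificate, parentKey *rsa.PrivateKey) (crt *bytes.Buffer, t *x509.Certificate, key *rsa.PrivateKey, err error) {
	if key, err = rsa.GenerateKey(rand.Reader, 2048); err != nil {
		return nil, nil, nil, err
	}
	t = &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn}, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour), KeyUsage: x509.KeyUsageDigitalSignature}
	if parent == nil { // CA case: the certificate signs itself and may sign leaves
		t.IsCA, t.KeyUsage, parent, parentKey = true, x509.KeyUsageCertSign, t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, parentKey)
	return bytes.NewBuffer(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})), t, key, err
}

// verify reports whether the PEM certificate chains to the PEM CA; Bytes() leaves both buffers unread.
func verify(caPEM, crtPEM *bytes.Buffer) (bool, error) {
	roots := x509.NewCertPool()
	blk, _ := pem.Decode(crtPEM.Bytes())
	if blk == nil || !roots.AppendCertsFromPEM(caPEM.Bytes()) {
		return false, fmt.Errorf("input is not a PEM certificate")
	}
	leaf, err := x509.ParseCertificate(blk.Bytes)
	if err == nil {
		_, err = leaf.Verify(x509.VerifyOptions{Roots: roots}) // only the supplied CA is trusted
	}
	return err == nil, err
}

func main() {
	if ca, caTmpl, caKey, err := issue("Example CA", nil, nil); err != nil {
		fmt.Println("CA:", err)
	} else if srv, _, _, err := issue("example-server", caTmpl, caKey); err != nil {
		fmt.Println("leaf:", err)
	} else {
		fmt.Println(verify(ca, srv)) // leaf CN differs from the CA's CN
	}
}
```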
Types
type CertificateBundle
type CertificateBundle struct {
    CACrt     *bytes.Buffer
    CAKey     *bytes.Buffer
    ServerCrt *bytes.Buffer
    ServerKey *bytes.Buffer
    ClientCrt *bytes.Buffer
    ClientKey *bytes.Buffer
    // contains filtered or unexported fields
}
CertificateBundle stores the data used for creating a secret with a TLS bundle that includes a self-signed CA (crt and key) as well as client and server certs (cert and key).
func New
func New() (*CertificateBundle, error)
New returns a CertificateBundle after populating all the public fields. It should ideally be persisted in Kubernetes objects (secrets) by consumers. If the secret is lost or deleted, New should be called again to get a fresh bundle.