ca

Documentation

Index

• func DefaultPath() string
• type CA
  • func Init(ctx context.Context, caPath string, opts domain.CAInitOptions) (*CA, error)
  • func Load(ctx context.Context, caPath string) (*CA, error)
  • func Renew(ctx context.Context, caPath string) (*CA, error)
  • func (c *CA) CertPath() string
  • func (c *CA) Fingerprint() string

Functions

func DefaultPath

func DefaultPath() string

DefaultPath returns the default filesystem path for the Certificate Authority directory.

Types

type CA

type CA struct {
	// Cert is the parsed X.509 CA certificate.
	Cert *x509.Certificate
	// Key is the CA's private signing key.
	Key crypto.Signer
	// CertPEM is the PEM-encoded CA certificate bytes.
	CertPEM []byte
	// Path is the directory on disk where the CA files are stored.
	Path string
	// Config holds the options used to create this CA, if available.
	Config *domain.CAInitOptions
}

CA represents a loaded Certificate Authority with its certificate, private key, and on-disk path.

func Init

func Init(ctx context.Context, caPath string, opts domain.CAInitOptions) (*CA, error)

Init creates a new root Certificate Authority at caPath, generating a key pair and self-signed certificate.

func Load

func Load(ctx context.Context, caPath string) (*CA, error)

Load reads an existing Certificate Authority from caPath, parsing the certificate and private key.

func Renew

func Renew(ctx context.Context, caPath string) (*CA, error)

Renew re-issues the root CA certificate at caPath with a new validity period, keeping the existing private key.

func (*CA) CertPath

func (c *CA) CertPath() string

CertPath returns the absolute path to the CA's root certificate PEM file.

func (*CA) Fingerprint

func (c *CA) Fingerprint() string

Fingerprint returns the SHA-256 fingerprint of the CA certificate as a colon-separated hex string.