Package certificateauthority implements an x509 certificate authority.



    type CertificateAuthority

    type CertificateAuthority struct {
    	// The amount of allowable clock drift between the systems between
    	// which certificates are exchanged.
    	DriftMargin time.Duration
    	// The keycrypt secret that contains the PEM-encoded signing
    	// certificate and public key.
    	Signer keycrypt.Secret
    	// The x509 certificate. Populated by Init().
    	Cert *x509.Certificate
    	// contains filtered or unexported fields
    }

CertificateAuthority is an x509 certificate authority.

    func (*CertificateAuthority) Init

    func (ca *CertificateAuthority) Init() error

Init initializes the certificate authority. Init extracts the authority certificate and private key from ca.Signer.

    func (CertificateAuthority) Issue

    func (ca CertificateAuthority) Issue(commonName string, ttl time.Duration, ips []net.IP, dnss []string) ([]byte, *rsa.PrivateKey, error)

Issue issues a new certificate with both client and server authentication key usage extensions.

    func (CertificateAuthority) IssueWithKeyUsage

    func (ca CertificateAuthority) IssueWithKeyUsage(commonName string, ttl time.Duration, ips []net.IP, dnss []string, keyUsage []x509.ExtKeyUsage) ([]byte, *rsa.PrivateKey, error)

IssueWithKeyUsage issues a new certificate with the indicated key usage extensions.
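The following is an added example, not code from this package: using only the Go standard library, it shows how a verifier treats the extended key usages chosen at issuance and how a drift margin interacts with a verifier's clock. The helpers `sign` and `accepted` are hypothetical, Ed25519 keys stand in for the RSA keys the package returns, and widening the validity window by the margin at both ends is an assumption about how DriftMargin is applied.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// sign (hypothetical helper) signs t with a fresh Ed25519 key; a nil parent self-signs.
func sign(t, parent *x509.Certificate, pk ed25519.PrivateKey, ttl, drift time.Duration) (*x509.Certificate, ed25519.PrivateKey, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if parent == nil {
		parent, pk = t, key
	}
	t.NotBefore, t.NotAfter = time.Now().Add(-drift), time.Now().Add(ttl+drift) // assumed DriftMargin handling
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, pk)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// accepted: does a verifier whose clock runs `behind` accept, for `purpose`, a leaf issued with `issued`?
func accepted(issued []x509.ExtKeyUsage, purpose x509.ExtKeyUsage, drift, behind time.Duration) (bool, error) {
	root, rk, err := sign(&x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "demo-root"},
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}, nil, nil, 24*time.Hour, drift)
	if err != nil {
		return false, err
	}
	leaf, _, err := sign(&x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "demo-leaf"},
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: issued}, root, rk, time.Hour, drift) // constructed names, serials
	if err != nil {
		return false, err
	}
	roots := x509.NewCertPool()
	roots.AddCert(root)
	_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, CurrentTime: time.Now().Add(-behind), KeyUsages: []x509.ExtKeyUsage{purpose}})
	return err == nil, nil
}

func main() { fmt.Println(accepted([]x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, x509.ExtKeyUsageServerAuth, 15*time.Minute, 0)) }
```

A leaf issued for client authentication only is rejected when presented as a server certificate, which is the reason to request the narrowest usage set a workload needs.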

