Back to / security / tls / certificateauthority

Package certificateauthority

Latest Go to latest

The latest major version is .

Published: Jun 24, 2020 | License: Apache-2.0 | Module:


Package certificateauthority implements an x509 certificate authority.


type CertificateAuthority

type CertificateAuthority struct {
	// The amount of allowable clock drift between the systems between
	// which certificates are exchanged.
	DriftMargin time.Duration
	// The keycrypt secret that contains the PEM-encoded signing
	// certificate and public key.
	Signer keycrypt.Secret
	// The x509 certificate. Populated by Init().
	Cert *x509.Certificate
	// contains filtered or unexported fields

CertificateAuthority is a x509 certificate authority.

func (*CertificateAuthority) Init

func (ca *CertificateAuthority) Init() error

Init initializes the certificate authority. Init extracts the the authority certificate and private key from ca.Signer.

func (CertificateAuthority) Issue

func (ca CertificateAuthority) Issue(commonName string, ttl time.Duration, ips []net.IP, dnss []string) ([]byte, *rsa.PrivateKey, error)

Issue a new certificate with both client and server authentication key usage extensions.

func (CertificateAuthority) IssueWithKeyUsage

func (ca CertificateAuthority) IssueWithKeyUsage(commonName string, ttl time.Duration, ips []net.IP, dnss []string, keyUsage []x509.ExtKeyUsage) ([]byte, *rsa.PrivateKey, error)

IssueWithKeyUsage a new certificate with the indicated key usage extensions.

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier