v0.5.8

This package is not in the latest version of its module.

Published: Jul 15, 2020 License: Apache-2.0 Imports: 13 Imported by: 0



Package authority provides an in-process TLS certificate authority, useful for creating and distributing TLS certificates for mutually authenticated HTTPS networking within Bigmachine.



const DriftMargin = time.Minute

DriftMargin is the amount of acceptable clock drift during certificate issuing and verification.



type T

type T struct {
	// contains filtered or unexported fields
}

A T is a TLS certificate authority which can issue client and server certificates and provide configuration for HTTPS clients.

func New

func New(filename string) (*T, error)

New creates a new certificate authority, reading the PEM-encoded certificate and private key from the provided path. If the path does not exist, newCA instead creates a new certificate authority and stores it at the provided path. If path is empty, the authority is ephemeral.

func (*T) Cert

func (c *T) Cert() *x509.Certificate

Cert returns the authority's x509 certificate.

func (*T) HTTPSConfig

func (c *T) HTTPSConfig() (client, server *tls.Config, err error)

HTTPSConfig returns client and server TLS configs based on newly issued TLS certificates from this CA.

func (*T) Issue

func (c *T) Issue(cn string, ttl time.Duration, ips []net.IP, dnss []string) ([]byte, *rsa.PrivateKey, error)

Issue issues a new certificate out of this CA with the provided common name, ttl, ips, and DNSes.
