Documentation
Index
- func MustNewServerConfig(logger *slog.Logger, src source.ServerCertsSource, ...) *tls.Config
- func NewServerCertsStore(logger *slog.Logger, src source.ServerCertsSource) (*source.ServerCertsStore, error)
- func NewServerConfig(logger *slog.Logger, src source.ServerCertsSource, ...) (*tls.Config, error)
- type TLSServerConfigOption
- func WithTLSServerCipherSuites(cipherSuites []uint16) TLSServerConfigOption
- func WithTLSServerCurvePreferences(curvePreferences []tls.CurveID) TLSServerConfigOption
- func WithTLSServerNextProtos(nextProto []string) TLSServerConfigOption
- func WithTLSServerVerifyPeerCertificate(verifyFunc VerifyPeerCertificateFunc) TLSServerConfigOption
- type VerifyPeerCertificateFunc
Constants
This section is empty.
Variables
This section is empty.
Functions
func MustNewServerConfig
func MustNewServerConfig(logger *slog.Logger, src source.ServerCertsSource, opts ...TLSServerConfigOption) *tls.Config
MustNewServerConfig is like NewServerConfig but panics if the config cannot be created.
func NewServerCertsStore
func NewServerCertsStore(logger *slog.Logger, src source.ServerCertsSource) (*source.ServerCertsStore, error)
func NewServerConfig
func NewServerConfig(logger *slog.Logger, src source.ServerCertsSource, opts ...TLSServerConfigOption) (*tls.Config, error)
NewServerConfig provides a new server TLS configuration.
Types
type TLSServerConfigOption
func WithTLSServerCipherSuites (added in v0.0.5)
func WithTLSServerCipherSuites(cipherSuites []uint16) TLSServerConfigOption
func WithTLSServerCurvePreferences (added in v0.0.5)
func WithTLSServerCurvePreferences(curvePreferences []tls.CurveID) TLSServerConfigOption
func WithTLSServerNextProtos
func WithTLSServerNextProtos(nextProto []string) TLSServerConfigOption
func WithTLSServerVerifyPeerCertificate (added in v0.0.5)
func WithTLSServerVerifyPeerCertificate(verifyFunc VerifyPeerCertificateFunc) TLSServerConfigOption
WithTLSServerVerifyPeerCertificate sets or chains a custom VerifyPeerCertificate function on a *tls.Config. If a nil function is provided, it unsets the certificate verification function (including the standard verification). If an existing verification function is present, the new function is chained so that it is invoked only if the existing one succeeds.
type VerifyPeerCertificateFunc (added in v0.0.5)
type VerifyPeerCertificateFunc func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
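The chaining behavior described for WithTLSServerVerifyPeerCertificate, shown as an added example that is not this package's code. `verifyFunc`, `chainVerify` and `allowSAN` are hypothetical names built only on the standard `crypto/tls` and `crypto/x509` packages, and the host name is a constructed value.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
)

// verifyFunc has the same shape as the page's VerifyPeerCertificateFunc.
type verifyFunc func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error

// chainVerify is a hypothetical helper mirroring the documented semantics:
// nil unsets the callback; otherwise next runs only if the existing one succeeded.
func chainVerify(cfg *tls.Config, next verifyFunc) {
	prev := cfg.VerifyPeerCertificate
	if next == nil || prev == nil {
		cfg.VerifyPeerCertificate = next
		return
	}
	cfg.VerifyPeerCertificate = func(raw [][]byte, chains [][]*x509.Certificate) error {
		if err := prev(raw, chains); err != nil {
			return err // next never sees a peer that prev rejected
		}
		return next(raw, chains)
	}
}

// allowSAN accepts a peer only if a verified leaf certificate carries DNS SAN want.
func allowSAN(want string) verifyFunc {
	return func(_ [][]byte, chains [][]*x509.Certificate) error {
		for _, chain := range chains {
			if len(chain) == 0 {
				continue
			}
			for _, name := range chain[0].DNSNames {
				if name == want {
					return nil
				}
			}
		}
		return errors.New("no verified client certificate with an allowed SAN") // fail closed
	}
}

func main() {
	cfg := &tls.Config{ClientAuth: tls.RequireAndVerifyClientCert}
	chainVerify(cfg, allowSAN("svc-a.internal")) // constructed name
	fmt.Println(cfg.VerifyPeerCertificate(nil, nil))
}
```

In `crypto/tls` the `verifiedChains` argument is nil when the server's `ClientAuth` mode does not verify client certificates, which is why `allowSAN` rejects an empty chain list instead of falling back to `rawCerts`. The standard library does not invoke `VerifyPeerCertificate` on resumed connections, so checks that must run on every connection belong in `VerifyConnection`.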