Back to godoc.org

Package authority

v0.16.1
Latest Go to latest

The latest major version is .

Published: Aug 7, 2020 | License: Apache-2.0 | Module: github.com/jetstack/cert-manager

Index

type DynamicAuthority

type DynamicAuthority struct {
	// Namespace and Name of the Secret resource used to store the authority.
	SecretNamespace, SecretName string

	// RESTConfig used to connect to the apiserver.
	RESTConfig *rest.Config

	// The amount of time the root CA certificate will be valid for.
	// This must be greater than LeafDuration.
	// Defaults to 365d.
	CADuration time.Duration

	// The amount of time leaf certificates signed by ths authority will be
	// valid for.
	// This must be less than CADuration.
	// Defaults to 7d.
	LeafDuration time.Duration

	// Logger to write messages to.
	Log logr.Logger
	// contains filtered or unexported fields
}

DynamicAuthority manages a certificate authority stored in a Secret resource and provides methods to obtain signed leaf certificates. The private key and certificate will be automatically generated, and when nearing expiry, the private key and root certificate will be rotated.

func (*DynamicAuthority) Run

func (d *DynamicAuthority) Run(stopCh <-chan struct{}) error

func (*DynamicAuthority) Sign

func (d *DynamicAuthority) Sign(template *x509.Certificate) (*x509.Certificate, error)

Sign will sign the given certificate template using the current version of the managed CA. It will automatically set the NotBefore and NotAfter times appropriately.

func (*DynamicAuthority) WatchRotation

func (d *DynamicAuthority) WatchRotation(stopCh <-chan struct{}) <-chan struct{}

WatchRotation will returns a channel that fires notifications if the CA certificate is rotated/updated. This can be used to automatically trigger rotation of leaf certificates when the root CA changes.

type SignFunc

type SignFunc func(template *x509.Certificate) (*x509.Certificate, error)

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier