tls

package

v1.3.3 Latest Latest Go to latest Published: May 19, 2017 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jlmeeker/kismatic

Links

Open Source Insights

Documentation ¶

Overview ¶

Package tls contains utilities for generating certificates and authorities

Index ¶

func CertExistsAndValid(CN string, SANs []string, organizations []string, name, dir string) (valid bool, warn []error, err error)
func CertKeyPairExists(name, dir string) (bool, error)
func CertValid(CN string, SANs []string, name, dir string) (valid bool, warn []error, err error)
func NewCACert(csrFile string, commonName string) (key, cert []byte, err error)
func NewCert(ca *CA, req csr.CertificateRequest) (key, cert []byte, err error)
func ReadCACert(name, dir string) (key, cert []byte, err error)
func WriteCert(key, cert []byte, name, dir string) error
type CA
type Subject

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CertExistsAndValid ¶ added in v1.2.0

func CertExistsAndValid(CN string, SANs []string, organizations []string, name, dir string) (valid bool, warn []error, err error)

CertExistsAndValid verifies that the cert exists and the CN and SANs match the expected values

func CertKeyPairExists ¶

func CertKeyPairExists(name, dir string) (bool, error)

CertKeyPairExists returns true if a key and matching certificate exist. Matching is defined as having the expected file names. No validation is performed on the actual bytes of the cert/key

func CertValid ¶ added in v1.2.0

func CertValid(CN string, SANs []string, name, dir string) (valid bool, warn []error, err error)

CertValid returns true if a matching certificate exist Matching is defined as having the expected CN and SANs Warnings: a certificate with a wrong CN or that doesn't contain the expected SANs, Error: a file that exists but cannot be read or parsed as a valid certificate

func NewCACert ¶

func NewCACert(csrFile string, commonName string) (key, cert []byte, err error)

NewCACert creates a new Certificate Authority and returns it's private key and public certificate.

func NewCert ¶

func NewCert(ca *CA, req csr.CertificateRequest) (key, cert []byte, err error)

NewCert creates a new certificate/key pair using the CertificateAuthority provided

func ReadCACert ¶

func ReadCACert(name, dir string) (key, cert []byte, err error)

ReadCACert read CA file

func WriteCert ¶

func WriteCert(key, cert []byte, name, dir string) error

WriteCert writes cert and key files

Types ¶

type CA ¶

type CA struct {
	// Key is the CA's private key.
	Key []byte
	// Password is the CA's private key password. Can be empty if not password is set.
	Password string
	// Cert is the CA's public certificate.
	Cert []byte
	// ConfigFile contains a cfssl configuration file for the Certificate Authority
	ConfigFile string
	// Profile to be used when signing with this Certificate Authority
	Profile string
}

CA contains information about the Certificate Authority

type Subject ¶

type Subject struct {
	Country            string
	State              string
	Locality           string
	Organization       string
	OrganizationalUnit string
}

The Subject contains the fields of the X.509 Subject

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL