Documentation ¶
Index ¶
Constants ¶
View Source
const ( VaultIssuer = iota CFSSLIssuer AWSIssuer )
Supported issuers
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AWS ¶
type AWS struct { Region string `desc:"The AWS region to use."` AccessKeyID string `envconfig:"ACCESS_KEY_ID" desc:"The AWS access key ID to use for authenticating with AWS."` AccessKeySecret string `split_words:"true" desc:"The AWS access key secret to use for authenticating with AWS."` CertificateAuthorityARN string `envconfig:"CERTIFICATE_AUTHORITY_ARN" desc:"The ARN of a pre-created CA which will be used to issue the certificates."` TimeToLive int `default:"30" desc:"The lifetime of certificates requested from the AWS CA, in number of days."` }
AWS issuer configuration.
type CFSSL ¶
type CFSSL struct { URL url.URL `desc:"The URL of the CFSSL server."` CACertPath string `` /* 133-byte string literal not displayed */ Profile string `desc:"The profile on the CFSSL server that should be used. If unset, the default profile will be used."` AuthKey string `split_words:"true" desc:"Optionally defines an authentication key to use when connecting to CFSSL."` }
CFSSL issuer configuration.
type Issuer ¶
type Issuer int
Issuer is an enumeration of supported issuers
func (*Issuer) UnmarshalText ¶
UnmarshalText implements encoding.TextUnmarshaler for issuer.
type KeyGenerator ¶
type KeyGenerator func() (crypto.PrivateKey, error)
KeyGenerator defines the key generator to use
func (KeyGenerator) Generate ¶
func (k KeyGenerator) Generate() (crypto.PrivateKey, error)
Generate implements certify.KeyGenerator for KeyGenerator
func (*KeyGenerator) UnmarshalText ¶
func (k *KeyGenerator) UnmarshalText(in []byte) error
UnmarshalText implements encoding.TextUnmarshaler for KeyGenerator
type LogFormat ¶
LogFormat is used to format logs
func (*LogFormat) UnmarshalText ¶
UnmarshalText implements encoding.TextUnmarshaler for LogFormat
type Vault ¶
type Vault struct { URL url.URL `desc:"The URL of the Vault instance."` Token string `desc:"The Vault secret token that should be used when issuing certificates."` Mount string `default:"pki" desc:"The name under which the PKI secrets engine is mounted."` Role string `desc:"The Vault Role that should be used when issuing certificates."` CACertPath string `` /* 133-byte string literal not displayed */ TimeToLive time.Duration `split_words:"true" default:"720h" desc:"Configures the lifetime of certificates requested from the Vault server."` URISubjectAlternativeNames []string `` /* 213-byte string literal not displayed */ OtherSubjectAlternativeNames []string `` /* 223-byte string literal not displayed */ }
Vault issuer configuration.
Click to show internal directories.
Click to hide internal directories.