Documentation
Constants
const (
	DefaultAcmeHttpPort = "80"
	DefaultAcmeTlsPort = "443"
	DefaultCertificateRenewValidDuration = time.Hour * 24 * 30 // 30 days = Let's Encrypt default
	DefaultCertificateRenewInterval = time.Hour * 24
)
Types
type ACME
type ACME interface {
	// GenerateCertificateWithACMEChallenge generates a new certificate for the given domain.
	// The ACMEHelper must be initialized before using this function.
	GenerateCertificateWithACMEChallenge(domain string) (*CertificateResource, error)
}
ACME is a small interface that handles the creation of certificates.
type ACMEHelper
type ACMEHelper struct {
// contains filtered or unexported fields
}
ACMEHelper is a helper struct that handles the registration of the user and the creation of certificates.
func NewACMEHelper
func NewACMEHelper(acmePrivateKey crypto.PrivateKey, acmeEmail string, acmeEndpoint string, acmeChallenge AcmeChallenge, acmeHttpPort string, acmeHttpsPort string, acmeDNSProvider string) (*ACMEHelper, error)
NewACMEHelper creates a new ACMEHelper and gets or registers the user.
func (*ACMEHelper) GenerateCertificateWithACMEChallenge
func (helper *ACMEHelper) GenerateCertificateWithACMEChallenge(domain string) (*CertificateResource, error)
GenerateCertificateWithACMEChallenge generates a new certificate for the given domain. The ACMEHelper must be initialized before using this function.
type AcmeChallenge
type AcmeChallenge string
AcmeChallenge denotes the types of Let's Encrypt challenges.
const (
	// AcmeChallengeHTTP is the standard HTTP-01 or TLS-ALPN-01 challenge.
	AcmeChallengeHTTP AcmeChallenge = "HTTP"
	// AcmeChallengeDNS is the DNS-01 challenge.
	AcmeChallengeDNS AcmeChallenge = "DNS"
)
type CertificateResource
type CertificateResource struct {
	Domain string
	CertURL string
	CertStableURL string
	PrivateKey []byte
	Certificate []byte
	IssuerCertificate []byte
	CSR []byte
	NotValidAfter time.Time
}
CertificateResource represents a CA-issued certificate. It is a copy of lego's certificate.Resource: https://pkg.go.dev/github.com/go-acme/lego/v4@v4.13.3/certificate#Resource
type CertificateService
type CertificateService struct {
// contains filtered or unexported fields
}
CertificateService stores and manages certificates.
func NewCertificateService
func NewCertificateService(certificateStoreDirectory string, acmeEndpoint string, acmeEmail string, acmeChallengeType string, acmeDNSProvider string) (*CertificateService, error)
NewCertificateService creates a new CertificateService with the given config parameters and loads the existing certificates from disk.
func (*CertificateService) Add
func (s *CertificateService) Add(domain string, cert *CertificateResource) error
Add saves a certificate to the store.
func (*CertificateService) Get
func (s *CertificateService) Get(domain string) (*CertificateResource, error)
Get returns a certificate from the store.
func (*CertificateService) GetOrCreateTlsConfig
func (c *CertificateService) GetOrCreateTlsConfig(domain string) (*tls.Config, error)
GetOrCreateTlsConfig creates a tls.Config for a domain. The tls.Config will always get (or create) the certificate from the certificate service.
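One way a get-or-create tls.Config can work, as an added example that is not this package's code: the certificate is resolved in the GetCertificate callback on every handshake, and a ClientHello without an SNI name is rejected. The names lazyStore, obtain and renewWindow are hypothetical, and renewing once the remaining validity falls to the 30-day DefaultCertificateRenewValidDuration is an assumption about how that constant is used.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"sync"
	"time"
)
const renewWindow = 30 * 24 * time.Hour // same value as DefaultCertificateRenewValidDuration
// lazyStore is a hypothetical stand-in for CertificateService.
type lazyStore struct {
	mu     sync.Mutex // handshakes run concurrently
	certs  map[string]*tls.Certificate
	obtain func(domain string) (*tls.Certificate, error) // hypothetical issuer hook, e.g. an ACME order
}

// getOrCreate reuses the cached certificate unless it is missing or inside renewWindow (assumed policy).
func (s *lazyStore) getOrCreate(domain string) (*tls.Certificate, error) {
	if domain == "" {
		return nil, fmt.Errorf("ClientHello carries no SNI server name")
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	if c := s.certs[domain]; c != nil && c.Leaf != nil && time.Until(c.Leaf.NotAfter) > renewWindow {
		return c, nil
	}
	c, err := s.obtain(domain)
	if err == nil {
		s.certs[domain] = c
	}
	return c, err
}

// tlsConfig resolves the certificate per handshake, so a renewal needs no restart.
func (s *lazyStore) tlsConfig() *tls.Config {
	return &tls.Config{MinVersion: tls.VersionTLS12,
		GetCertificate: func(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
			return s.getOrCreate(h.ServerName)
		}}
}

func main() {
	s := &lazyStore{certs: map[string]*tls.Certificate{}, obtain: func(string) (*tls.Certificate, error) {
		return &tls.Certificate{Leaf: &x509.Certificate{NotAfter: time.Now().Add(2160 * time.Hour)}}, nil // constructed stub
	}}
	c, err := s.tlsConfig().GetCertificate(&tls.ClientHelloInfo{ServerName: "example.test"})
	fmt.Println("certificate resolved:", c != nil, "error:", err)
}
```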