Documentation
Index
- type Certificate
- type Config
- type CreateCertificateParams
- type ExportCertificatePKCS12Params
- type Ref
- type Storage
- func (s *Storage) CreateCertificate(certPath string, params *CreateCertificateParams) (string, error)
- func (s *Storage) ExportCertificateChainPEM(certPath string) ([]byte, error)
- func (s *Storage) ExportCertificatePEM(certPath string) ([]byte, error)
- func (s *Storage) ExportCertificatePKCS12(certPath string, params *ExportCertificatePKCS12Params) ([]byte, error)
- func (s *Storage) ExportPrivateKeyPEM(certPath string) ([]byte, error)
- func (s *Storage) ExportPublicKeyPEM(certPath string) ([]byte, error)
- func (s *Storage) GetCertificate(certPath string) (*Certificate, error)
- func (s *Storage) GetRootCertificates() []*Ref
- func (s *Storage) ValidateCertificate(certPath string) error
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Certificate
type Certificate struct {
    Parents     []*Ref
    Fingerprint string
    X509        *x509.Certificate
    Children    []*Ref
}
Certificate represents an X.509 certificate in a format suitable for rendering to templates.
func (*Certificate) CanSign
func (c *Certificate) CanSign() bool
CanSign indicates whether this certificate may sign others.
func (*Certificate) KeyUsage
func (c *Certificate) KeyUsage() []string
type Config
type Config struct {
    // DataDir specifies where the data for the application should be stored.
    // An empty value indicates the current directory.
    DataDir string

    // Logger can be used to capture log messages.
    Logger *slog.Logger
}
Config provides configuration for Storage.
type CreateCertificateParams
type CreateCertificateParams struct {
    CommonName         string
    Organization       string
    OrganizationalUnit string
    Country            string
    Province           string
    Locality           string
    StreetAddress      string
    PostalCode         string
    Validity           string
    CanSign            bool
    CodeSigning        bool
    ClientAuth         bool
    ServerAuth         bool
    SANs               string
}
CreateCertificateParams provides CreateCertificate with parameters for creating a new X.509 certificate and private key.
type ExportCertificatePKCS12Params
type ExportCertificatePKCS12Params struct {
    Password string
}
ExportCertificatePKCS12Params provides ExportCertificatePKCS12 with parameters for exporting a certificate and its private key.
type Ref
type Ref struct {
    ID   string
    X509 *x509.Certificate
}
Ref stores an ID and certificate pair.
type Storage
type Storage struct {
    // contains filtered or unexported fields
}
Storage provides an abstraction to the certificate data stored on disk. All public methods are safe for use in multiple goroutines.
func (*Storage) CreateCertificate
func (s *Storage) CreateCertificate(certPath string, params *CreateCertificateParams) (string, error)
CreateCertificate creates a new certificate and private key. The path to the newly created certificate is returned on success.
func (*Storage) ExportCertificateChainPEM
ExportCertificateChainPEM exports the specified certificate and its parents as a PEM-encoded file.
func (*Storage) ExportCertificatePEM
ExportCertificatePEM exports the specified certificate as a PEM-encoded file.
func (*Storage) ExportCertificatePKCS12
func (s *Storage) ExportCertificatePKCS12(certPath string, params *ExportCertificatePKCS12Params) ([]byte, error)
ExportCertificatePKCS12 exports the specified certificate and its private key and CAs as a PKCS#12 file.
func (*Storage) ExportPrivateKeyPEM
ExportPrivateKeyPEM exports the private key of the specified certificate as a PEM-encoded file.
func (*Storage) ExportPublicKeyPEM
ExportPublicKeyPEM exports the public key of the specified certificate as a PEM-encoded file.
func (*Storage) GetCertificate
func (s *Storage) GetCertificate(certPath string) (*Certificate, error)
GetCertificate attempts to return a certificate by its path.
func (*Storage) GetRootCertificates
GetRootCertificates returns the root certificates.
func (*Storage) ValidateCertificate
ValidateCertificate attempts to validate the specified certificate.