Documentation ¶
Index ¶
Constants ¶
View Source
const ( // VolumePath is the path at which the tls cert and private key (if any) // will be mounted in the pachd pod VolumePath = "/pachd-tls-cert" // CertFile is the name of the mounted file containing a TLS certificate // that identifies pachd CertFile = "tls.crt" // KeyFile is the name of the mounted file containing a private key // corresponding to the public certificate in TLSCertFile KeyFile = "tls.key" // CertCheckFrequency is how often we check for a renewed TLS certificate CertCheckFrequency = time.Hour )
Variables ¶
This section is empty.
Functions ¶
func GetCertPaths ¶
GetCertPaths gets the paths to the cert and key files within a cluster
Types ¶
type CertLoader ¶
type CertLoader struct {
// contains filtered or unexported fields
}
CertLoader provides simple hot TLS certificate reloading by checking for a renewed certificate at a configurable interval
func NewCertLoader ¶
func NewCertLoader(certPath, keyPath string, refreshInterval time.Duration) *CertLoader
NewCertLoader creates a new CertLoader to refresh the specified TLS key at a fixed interval
func (*CertLoader) GetCertificate ¶
func (l *CertLoader) GetCertificate(_ *tls.ClientHelloInfo) (*tls.Certificate, error)
GetCertificate gets the currently cached certificate and fulfills
func (*CertLoader) LoadAndStart ¶
func (l *CertLoader) LoadAndStart() error
LoadAndStart ensures the current TLS certificate is loaded and starts the reload routine to poll for renewed certificates
Click to show internal directories.
Click to hide internal directories.