Version: v1.1.0 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Feb 15, 2017 License: Apache-2.0 Imports: 12 Imported by: 0



Package easypki provides helpers to manage a Public Key Infrastructure.



This section is empty.


View Source
var (
	ErrCannotSelfSignNonCA = errors.New("cannot self sign non CA request")
	ErrMaxPathLenReached   = errors.New("max path len reached")

Signing errors.


This section is empty.


type EasyPKI added in v1.0.0

type EasyPKI struct {
	Store store.Store

EasyPKI wraps helpers to handle a Public Key Infrastructure.

func (*EasyPKI) CRL added in v1.0.0

func (e *EasyPKI) CRL(caName string, expire time.Time) ([]byte, error)

CRL builds a CRL for a given CA based on the revoked certs.

func (*EasyPKI) GetBundle added in v1.0.0

func (e *EasyPKI) GetBundle(caName, name string) (*certificate.Bundle, error)

GetBundle fetches and returns a certificate bundle from the store.

func (*EasyPKI) GetCA added in v1.0.0

func (e *EasyPKI) GetCA(name string) (*certificate.Bundle, error)

GetCA fetches and returns the named Certificate Authrority bundle from the store.

func (*EasyPKI) Revoke added in v1.0.0

func (e *EasyPKI) Revoke(caName string, cert *x509.Certificate) error

Revoke revokes the given certificate from the store.

func (*EasyPKI) Sign added in v1.0.0

func (e *EasyPKI) Sign(signer *certificate.Bundle, req *Request) error

Sign signs a generated certificate bundle based on the given request with the given signer.

type Request added in v1.0.0

type Request struct {
	Name                string
	IsClientCertificate bool
	PrivateKeySize      int
	Template            *x509.Certificate

Request is a struct for providing configuration to GenerateCertificate when actioning a certification generation request.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL