server

Documentation

Index

• type CertManager
  • func New(config Config, fileWatcher *fsnotify.Watcher, logger log.Logger) (*CertManager, error)
  • func (c *CertManager) Close()
  • func (c *CertManager) GetTLSConfig() *tls.Config
• type Config
  • func (c *Config) CAPoolArray() ([]urischeme.URIScheme, error)
  • func (c *Config) Validate() error

Types

type CertManager

type CertManager struct {
	// contains filtered or unexported fields
}

CertManager holds certificates from filesystem watched for changes

func New

func New(config Config, fileWatcher *fsnotify.Watcher, logger log.Logger) (*CertManager, error)

New creates a new certificate manager which watches for certs in a filesystem

func (*CertManager) Close

func (c *CertManager) Close()

Close ends watching certificates

func (*CertManager) GetTLSConfig

func (c *CertManager) GetTLSConfig() *tls.Config

GetTLSConfig returns tls configuration for clients

type Config

type Config struct {
	CAPool                    interface{}         `yaml:"caPool" json:"caPool" description:"file path to the root certificates in PEM format"`
	KeyFile                   urischeme.URIScheme `yaml:"keyFile" json:"keyFile" description:"file name of private key in PEM format"`
	CertFile                  urischeme.URIScheme `yaml:"certFile" json:"certFile" description:"file name of certificate in PEM format"`
	ClientCertificateRequired bool                `yaml:"clientCertificateRequired" json:"clientCertificateRequired" description:"require client certificate"`
	CAPoolIsOptional          bool                `yaml:"-" json:"-"`
	// contains filtered or unexported fields
}

Config provides configuration of a file based Server Certificate manager. CAPool can be a string or an array of strings.

func (*Config) CAPoolArray

func (c *Config) CAPoolArray() ([]urischeme.URIScheme, error)

func (*Config) Validate

func (c *Config) Validate() error