Documentation
Functions
func MakeGetCertificateFunc
func MakeGetCertificateFunc(cg *CertGetter) func(*tls.ClientHelloInfo) (*tls.Certificate, error)
MakeGetCertificateFunc takes a CertGetter pointer and returns a func to be set as tls.Config.GetCertificate.
Types
type CertGetter
type CertGetter struct {
	// contains filtered or unexported fields
}
CertGetter provides a type to be used for dynamically adding and removing certificates from a running HTTPS Server. To use, create a CertGetter pointer, then pass it to MakeGetCertificateFunc and set the function it returns as the tls.Config.GetCertificate, before starting your HTTPS Server.
Pass the tls.Config to tls.Listen, create an http.Server, and call server.Serve(listener).
All functions of CertGetter may safely be called while a server is listening and serving.
A CertGetter must not be copied after first use. Take a reference and pass the pointer around.
func (*CertGetter) Add
func (cg *CertGetter) Add(host string, cert *tls.Certificate)
func (*CertGetter) Delete
func (cg *CertGetter) Delete(host string)
func (*CertGetter) Get
func (cg *CertGetter) Get(fqdn string) (*tls.Certificate, bool)
Get returns the certificate for the given FQDN. If the literal FQDN is not found, a wildcard match is searched for all the way up.
TODO: change to take the tls.ClientHelloInfo, properly check ciphers, and support multiple certs for the same FQDN.
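The CertGetter usage steps and the Get lookup described above, sketched as an added example that is not this package's code: certStore, newCertStore and getCertificate are hypothetical stand-ins, and the host names are constructed. It assumes "all the way up" means trying "*.<parent>" for each parent domain in turn, and it returns an error rather than a default certificate when nothing matches.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
	"sync"
)

// certStore is a hypothetical stand-in for CertGetter, not the package's own code.
type certStore struct {
	mu    sync.RWMutex
	certs map[string]*tls.Certificate
}
func newCertStore() *certStore { return &certStore{certs: map[string]*tls.Certificate{}} }

func (s *certStore) Add(host string, c *tls.Certificate) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.certs[strings.ToLower(host)] = c
}

// Get tries the literal name, then "*.<parent>" for each parent domain (assumed semantics).
func (s *certStore) Get(fqdn string) (*tls.Certificate, bool) {
	s.mu.RLock()
	defer s.mu.RUnlock()
	name := strings.ToLower(strings.TrimSuffix(fqdn, "."))
	c, ok := s.certs[name]
	for i := strings.IndexByte(name, '.'); !ok && i >= 0; i = strings.IndexByte(name, '.') {
		name = name[i+1:]
		c, ok = s.certs["*."+name]
	}
	return c, ok
}

// getCertificate adapts the store to tls.Config.GetCertificate and fails closed on a miss.
func getCertificate(s *certStore) func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
	return func(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
		if c, ok := s.Get(h.ServerName); ok {
			return c, nil
		}
		return nil, fmt.Errorf("no certificate for SNI %q", h.ServerName)
	}
}

func main() {
	cfg := &tls.Config{MinVersion: tls.VersionTLS12, GetCertificate: getCertificate(newCertStore())}
	fmt.Println(cfg.GetCertificate(&tls.ClientHelloInfo{ServerName: "other.test"})) // empty store
}
```

A certificate found through a wildcard more than one label up is still rejected by clients whose hostname verification lets `*` cover a single label only, as Go's crypto/x509 does, so a multi-level hit selects a certificate without making it valid for that name.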
func (*CertGetter) Hosts
func (cg *CertGetter) Hosts() map[string]struct{}
Hosts returns the list of hosts in the CertGetter. This is not guaranteed to be atomic if other goroutines are concurrently calling Add.
type ServerPtr
type ServerPtr struct {
	// contains filtered or unexported fields
}
ServerPtr maintains an atomic pointer to a real server, which may be safely swapped while running to hot-reload config.