pki

package

v0.1.6 Latest Latest Go to latest Published: Aug 12, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/webmeshproj/webmesh

Links

Open Source Insights

Documentation ¶

Overview ¶

Package pki contains an interface for managing the PKI for a cluster using mTLS.

Constants ¶

View Source

const (
	// DefaultCAName is the default CA name.
	DefaultCAName = "webmesh-ca"
	// DefaultKeyType is the default key type.
	DefaultKeyType = "ecdsa"
	// DefaultKeySize is the default key size.
	DefaultKeySize = 256
	// DefaultAdminName is the default admin name.
	DefaultAdminName = "admin"
	// DefaultCAExpiry is the default CA expiry.
	DefaultCAExpiry = 365 * 24 * time.Hour // 1 year
	// DefaultNodeExpiry is the default node expiry.
	DefaultNodeExpiry = 90 * 24 * time.Hour // 90 days
	// CADirectory is the name of the relative directory containing the CA.
	CADirectory = "ca"
	// NodesDirectory is the name of the relative directory containing the nodes.
	NodesDirectory = "nodes"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type GenerateConfigOptions ¶

type GenerateConfigOptions struct {
	// Name is the name of the certificate.
	Name string
	// Server is the server address.
	Server string
	// Output is the output file.
	Output string
	// ContextName sets the name of the context. Defaults to "default".
	ContextName string
	// ClusterName sets the name of the cluster. Defaults to "default".
	ClusterName string
	// UserName sets the name of the user. Defaults to "default".
	UserName string
}

GenerateConfigOptions are options for generating a new config.

type GenerateOptions ¶

type GenerateOptions struct {
	// CAName is the name of the CA.
	CAName string
	// AdminName is the name of the admin user.
	AdminName string
	// KeySize is the size of the keys to generate.
	KeySize int
	// KeyType is the type of keys to generate.
	KeyType string
	// CAExpiry is the expiry of the CA.
	CAExpiry time.Duration
	// AdminExpiry is the expiry of the admin user.
	AdminExpiry time.Duration
}

GenerateOptions are options for generating a new PKI.

type IssueOptions ¶

type IssueOptions struct {
	// Name is the name of the certificate.
	Name string
	// KeySize is the size of the keys to generate.
	KeySize int
	// KeyType is the type of keys to generate.
	KeyType string
	// Expiry is the expiry of the certificate.
	Expiry time.Duration
}

IssueOptions are options for issuing a new certificate.

type PKI ¶

type PKI interface {
	// Generate generates a new PKI.
	Generate(*GenerateOptions) error
	// Issue issues a new certificate.
	Issue(*IssueOptions) error
	// GenerateConfig generates a new config.
	GenerateConfig(*GenerateConfigOptions) error
}

PKI is an interface for managing the PKI for a cluster using mTLS.

func New ¶

func New(dir string) PKI

New returns a new PKI.

Source Files ¶

View all Source files

pki.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL