mkcert

package module
v0.1.0 Latest
Warning

This package is not in the latest version of its module.
Published: Apr 8, 2023 License: MIT Imports: 14 Imported by: 0

Documentation

Overview

Package mkcert provides the private CA for mTLS

Constants

const (
	// DefaultKeyFilePermissions are the permissions used when creating the KeyFile
	DefaultKeyFilePermissions os.FileMode = 0600
	// DefaultCertFilePermissions are the permissions used when creating the CertFile
	DefaultCertFilePermissions os.FileMode = 0644
	// DefaultDirPermissions are the permissions used when creating the RootDir
	DefaultDirPermissions os.FileMode = 0700
)

Variables

This section is empty.

Functions

This section is empty.

Types

type CA

type CA struct {
	// contains filtered or unexported fields
}

CA is a private PKI for mTLS

func (*CA) GetCAPool

func (m *CA) GetCAPool() *x509.CertPool

GetCAPool returns a reference to the CA's certificate pool

func (*CA) GetCertificate

func (m *CA) GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error)

GetCertificate returns the TLS Certificate that should be used for a given TLS request

func (*CA) WriteCertFile

func (m *CA) WriteCertFile() (string, error)

WriteCertFile writes the CA's certificate, PEM encoded, to the file named by [Config.CertFile]

func (*CA) WriteKeyFile

func (m *CA) WriteKeyFile() (string, error)

WriteKeyFile writes the CA's private key, PEM encoded, to the file named by [Config.KeyFile]

type Config

type Config struct {
	// RootDir is the directory where key and cert are securely stored
	RootDir string `toml:"caroot_dir" default:"~/.local/share/mkcert"`
	// KeyFile is the filename of the CA key within the RootDir
	KeyFile string `toml:"key_file"   default:"rootCA-key.pem"`
	// CertFile is the filename of the CA certificate within the RootDir
	CertFile string `toml:"cert_file" default:"rootCA.pem"`

	// Certificates includes information for the issued certificates
	Certificates ca.TemplateConfig `toml:"certificates,omitempty"`
	// Issuer includes information for creating the CA
	Issuer ca.TemplateConfig `toml:"issuer,omitempty"`

	// KeyAlgorithm indicates the key algorithm to be used:
	// RSA, ECDSA, or ED25519 (case-insensitive).
	KeyAlgorithm string `toml:"algorithm,omitempty"`
}

Config is the configuration of a CA

func (*Config) CertFileName

func (cfg *Config) CertFileName() (string, error)

CertFileName returns the full path to the [Config.CertFile]

func (*Config) Export

func (cfg *Config) Export() *ca.Config

Export converts an annotated Config into a ca.Config

func (*Config) KeyFileName

func (cfg *Config) KeyFileName() (string, error)

KeyFileName returns the full path to the [Config.KeyFile]

func (*Config) LoadCA

func (cfg *Config) LoadCA() (*CA, error)

LoadCA creates a new CA using [Config.KeyFile] and [Config.CertFile]

func (*Config) MkRootDir

func (cfg *Config) MkRootDir() error

MkRootDir creates the [Config.RootDir] if it doesn't exist already

func (*Config) NewCA

func (cfg *Config) NewCA() (*CA, error)

NewCA generates a new CA using cfg.Issuer information

func (*Config) SetDefaults

func (cfg *Config) SetDefaults() error

SetDefaults fills the gaps in the Config
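
An added example, not part of this package: a standard-library check that an existing CA root still matches the documented permission defaults (0700 directory, 0600 key, 0644 certificate) and that none of the three paths is a symlink. The helper name `auditCARoot` is hypothetical; the permission values and default file names are taken from the constants and `Config` tags above.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// Limits copied from the documented Default*Permissions constants.
const (
	keyPerm  os.FileMode = 0600
	certPerm os.FileMode = 0644
	dirPerm  os.FileMode = 0700
)

// auditCARoot (hypothetical helper) reports each path whose permission
// bits grant more than the documented default, or that is a symlink.
func auditCARoot(root, keyFile, certFile string) ([]string, error) {
	checks := []struct {
		path string
		max  os.FileMode
	}{
		{root, dirPerm},
		{filepath.Join(root, keyFile), keyPerm},
		{filepath.Join(root, certFile), certPerm},
	}
	var findings []string
	for _, c := range checks {
		fi, err := os.Lstat(c.path) // Lstat: do not follow a symlinked key
		if err != nil {
			return nil, err
		}
		if fi.Mode()&os.ModeSymlink != 0 {
			findings = append(findings, c.path+": is a symlink")
			continue
		}
		if extra := fi.Mode().Perm() &^ c.max; extra != 0 {
			findings = append(findings, fmt.Sprintf("%s: mode %04o, extra bits %04o", c.path, fi.Mode().Perm(), extra))
		}
	}
	return findings, nil
}

func main() {
	// Default RootDir and file names from the Config struct tags.
	root := os.ExpandEnv("$HOME/.local/share/mkcert")
	findings, err := auditCARoot(root, "rootCA-key.pem", "rootCA.pem")
	fmt.Println(findings, err)
}
```

An empty result means no path is more permissive than its default; a group- or world-readable `rootCA-key.pem` is the finding that matters most, since anyone who can read it can issue certificates trusted by every peer using this CA pool.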
