Documentation

Overview

Package localca uses an autocert.Cache to store and generate TLS certificates for domains on demand.

This is kind of powerful, and as such it is limited to only generate certificates as subdomains of a given domain.

The design and implementation of this is kinda stolen from minica[1].

[1]: https://github.com/jsha/minica

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrBadData                = errors.New("localca: certificate data is bad")
	ErrDomainDoesntHaveSuffix = errors.New("localca: domain doesn't have the given suffix")
)

Functions

This section is empty.

Types

type Manager

type Manager struct {
	Cache        autocert.Cache
	DomainSuffix string
	// contains filtered or unexported fields
}

Manager automatically provisions and caches TLS certificates in a given autocert Cache. If it cannot fetch a certificate on demand, the certificate is dynamically generated with a lifetime of 100 years, which should be good enough.

func New

func New(keyFile, certFile, suffix string, cache autocert.Cache) (Manager, error)

New creates a new Manager with the given key filename, certificate filename, allowed domain suffix and autocert cache. All given certificates will be created if they don't already exist.

func (Manager) GetCertificate

func (m Manager) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error)