Package distributedstek provides TLS session ticket ephemeral keys (STEKs) in a distributed fashion by utilizing configured storage for locking and key sharing.

CipherSuiteID returns the ID of the cipher suite associated with the given name, or 0 if the name is not recognized/supported.

CipherSuiteNameSupported returns true if name is a supported cipher suite.

DefaultIssuers returns empty Issuers (not provisioned) to be used as defaults.

DefaultIssuersProvisioned returns empty but provisioned default Issuers from DefaultIssuers().

ProtocolName returns the standard name for the passed protocol version ID (e.g.

SupportedCipherSuites returns a list of all the cipher suites Caddy supports.

SupportedCurves is the unordered map of supported curves.

SupportedProtocols is a map of supported protocols.

ACMEIssuer manages certificates using the ACME protocol (RFC 8555).

AutomationConfig governs the automated management of TLS certificates.

AutomationPolicy designates the policy for automating the management (obtaining, renewal, and revocation) of managed TLS certificates.

CertCacheOptions configures the certificate cache.

Certificate is a TLS certificate, optionally associated with arbitrary tags.

CertKeyFilePair pairs certificate and key file names along with their encoding format so that they can be loaded from disk.

CertKeyPEMPair pairs certificate and key PEM blocks.

ChainPreference describes the client's preferred certificate chain, useful if the CA offers alternate chains.

ChallengesConfig configures the ACME challenges.

ClientAuthentication configures TLS client auth.

ConnectionPolicy specifies the logic for handling a TLS handshake.

CustomCertSelectionPolicy represents a policy for selecting the certificate used to complete a handshake when there may be multiple options.

DNSChallengeConfig configures the ACME DNS challenge.

HTTPCertGetter can get a certificate via HTTP(S) request.

HTTPChallengeConfig configures the ACME HTTP challenge.

InternalIssuer is a certificate issuer that generates certificates internally using a locally-configured CA which can be customized using the `pki` app.

MatchRemoteIP matches based on the remote IP of the connection.

OnDemandConfig configures on-demand TLS, for obtaining needed certificates at handshake-time.

RateLimit specifies an interval with optional burst size.

SessionTicketService configures and manages TLS session tickets.

StorageLoader loads certificates and their associated keys from the globally configured storage module.

Tailscale is a module that can get certificates from the local Tailscale process.

TLS provides TLS facilities including certificate loading and management, client auth, and more.

TLSALPNChallengeConfig configures the ACME TLS-ALPN challenge.

ZeroSSLIssuer makes an ACME manager for managing certificates using ACME.

CertificateLoader is a type that can load certificates.

ConfigSetter is implemented by certmagic.Issuers that need access to a parent certmagic.Config as part of their provisioning phase.

ConnectionMatcher is a type which matches TLS handshakes.

STEKProvider is a type that can provide session ticket ephemeral keys (STEKs).

AutomateLoader will automatically manage certificates for the names in the list, including obtaining and renewing certificates.

ConnectionPolicies govern the establishment of TLS connections.

FileLoader loads certificates and their associated keys from disk.

FolderLoader loads certificates and their associated keys from disk by recursively walking the specified directories, looking for PEM files which contain both a certificate and a key.

MatchServerName matches based on SNI.

PEMLoader loads certificates and their associated keys by decoding their PEM blocks directly.

PublicKeyAlgorithm is a JSON-unmarshalable wrapper type.