Package local implements certificate signature functionality for CFSSL.

Package universal implements a signer that can do remote or local.

ComputeSKI derives an SKI from the certificate's public key in a standard manner.

DefaultSigAlgo returns an appropriate X.509 signature algorithm given the CA's private key.

FillTemplate is a utility function that tries to load as much of the certificate template as possible from the profiles and current template.

ParseCertificateRequest takes an incoming certificate request and builds a certificate template from it.

Profile gets the specific profile from the signer.

SplitHosts takes a comma-spearated list of hosts and returns a slice with the hosts split.

CTPoisonOID is the object ID of the critical poison extension for precertificates https://tools.ietf.org/html/rfc6962#page-9.

SCTListOID is the object ID for the Signed Certificate Timestamp certificate extension https://tools.ietf.org/html/rfc6962#page-14.

Extension represents a raw extension to be included in the certificate.

SignRequest stores a signature request, which contains the hostname, the CSR, optional subject information, and the signature profile.

Subject contains the information that should be used to override the subject information when signing a certificate.

A Signer contains a CA's certificate and private key for signing certificates, a Signing policy to refer to and a SignatureAlgorithm.