Fingerprint takes a certificate and create a hash of the DER encoded public key.

IsPEMString returns true if the provided string match a PEM formatted certificate.

LoadCertificate will load a certificate from disk and return a tls.Certificate or error.

LoadCertificateAuthorities read the slice of CAcert and return a Certpool.

LoadTLSConfig will load a certificate from config with all TLS based keys defined.

LoadTLSServerConfig tranforms a ServerConfig into a `tls.Config` to be used directly with golang network types.

NewPEMReader returns a new PEMReader.

ReadPEMFile reads a PEM formatted string either from disk or passed as a plain text starting with a "-" and decrypt it with the provided password and return the raw content.

ResolveCipherSuite takes the integer representation and return the cipher name.

ResolveTLSVersion takes the integer representation and return the name.

Define all the possible TLS version.

Define all the possible TLS version.

Define all the possible TLS version.

Define all the possible TLS version.

TLSVersionDefaultMax is the max default TLS version that is enabled by default.

TLSVersionDefaultMin is the minimal default TLS version that is enabled by default.

TLSVersionMax is the max TLS version supported.

TLSVersionMin is the min TLS version supported.

Define all the possible TLS version.

Constants of the supported verification mode.

Constants of the supported verification mode.

Constants of the supported verification mode.

Constants of the supported verification mode.

ErrCAPinMissmatch is returned when no pin is matched in the verified chain.

ErrKeyNoCertificate indicate a configuration error with missing certificate file.

ErrCertificateNoKey indicate a configuration error with missing key file.

ErrNotACertificate indicates a PEM file to be loaded not being a valid PEM file or certificate.

TLSDefaultVersions list of versions of TLS we should support.

CertificateConfig define a common set of fields for a certificate.

Config defines the user configurable options in the yaml file.

PEMReader allows to read a certificate in PEM format either through the disk or from a string.

ServerConfig defines the user configurable tls options for any TCP based service.

TLSConfig is the interface used to configure a tcp client or server from a `Config`.

Intended for ECS's tls.version_protocol_field, which does not include numeric version and should be lower case.

TLSVerificationMode represents the type of verification to do on the remote host: `none`, `certificate`, and `full` and we default to `full`.

TLSVersion type for TLS version.