Active checks if the given cert is within its valid time window.

CreateSignedServingPair creates a serving cert/key pair signed by the given ca.

GenerateCA generates a self-signed CA cert/key pair that expires in expiresIn days.

PEMSHA256 returns the hex encoded SHA 256 hash of the given PEM encoded cert.

PEMToCert converts the PEM block of the given byte array to an x509 certificate.

VerifyCert checks that the given cert is signed and trusted by the given CA.

KeyPair stores an x509 certificate and its ECDSA private key.

PEMHash returns a hash of the given PEM encoded cert.