CheckCertificate checks validity of a given certificate.

GetCertChecker returns an instance of CertChecker for given CA.

IsCertInvalidError returns true for errors from CheckCertificate that indicate revoked or expired or otherwise invalid certificates.

NewError instantiates Error.

CertificateExpired is returned by CheckCertificate if the cert has expired already or not yet active.

CertificateRevoked is returned by CheckCertificate if the certificate is in the CA's Certificate Revocation List.

NoSuchCA is returned by GetCertChecker or GetCA if requested CA is not defined in the config.

NotReadyCA is returned by CheckCertificate if the CA's CRL hasn't been fetched yet (and thus CheckCertificate can't verify certificate's revocation status).

RefetchCAPeriod is how often to check CA entity in the datastore.

RefetchCRLPeriod is how often to check CRL entities in the datastore.

SignatureCheckError is returned by CheckCertificate if the certificate signature is not valid.

UnknownCA is returned by CheckCertificate if the cert was signed by an unexpected CA (i.e.

CertChecker knows how to check certificate signatures and revocation status.

CheckCertificateRPC implements CertificateAuthorities.CheckCertificate RPC method.

Error is returned by CertChecker methods in case the certificate is invalid.

IsRevokedCertRPC implements CertificateAuthorities.IsRevokedCert RPC method.

ErrorReason is part of Error struct.