# Packages
No description provided by the author
# Functions
AuthoritySource is like AuthoritySourceFn using a fixed id and key.
AuthoritySourceFn returns a Source that mints a new tls.Certificate based on the given signing authority using id and key funcs.
CacheSource wraps source such that it is only ever called when expiry returns true.
CreateCertificateChain creates a new x509.Certificate using id and pub signed by the leaf and private key of authority.
CreateSelfSignedCertificate creates a new certificate whose issuer is the certificate itself.
DecodePEMBlocks returns all PEM blocks in pemBytes with blockType type.
DirectSource adapts a tls.Certificate and some roots into a Source that always returns these values.
No description provided by the author
No description provided by the author
No description provided by the author
FSKeySource is like FSSource but the key is already loaded.
FSSource returns a Source that reads the cert+private keypair and roots from files in PEM format on the filesystem.
FuncSource adapts f to implement Source.
GenerateSerialNumber generates a random unsigned 128-bit integer using a cryptographically secure source of random numbers.
LazySource returns certs from f().Certs(), only invoking f the first time the returned Source.Certs is called.
LoadCertAndRootsWithKey reads and returns a certificate from certPath and validates it against key.
LoadOrGeneratePrivateKey will load a private key in PEM-encoded PKCS#8, PKCS#1 or EC format from a file.
LoadPrivateKey will load a private key from a PEM file, in PKCS#8, PKCS#1 or EC format.
LoadX509Cert reads an x509 certificate chain (leaf first) from certPath and combines it with privateKey to form a tls.Certificate.
ParseCertificatesPEM parses and returns any CERTIFICATE blocks found in the PEM-encoded pemBytes.
SaveCertificateChain writes derCerts as PEM-encoded CERTIFICATE blocks to certFile.
No description provided by the author
SelfSignedSource returns a Source backed by CreateSelfSignedCertificate and a basic certificate template.
SelfSignedSourceT is like SelfSignedSource but using the given template.
TLSClientConfig returns a *tls.Config for use by a client using source's roots to validate the server certificate.
TLSServerConfig returns a *tls.Config for use by a server using source to provide the server cert.
ValidKeyPair checks whether the given public and private keys are a valid pair, that is to say they use the same algorithm configured with the same parameters.
WithAuthority adds the given host or IP to the created certificate.
WithExpireAfter sets the created certificate's NotAfter to now + expireAfter.
WithFSCache instructs the source to cache certs and roots to disk when source is invoked.
WithIfaces adds all net.Interfaces to the created certificate, including loopback and the DNS "localhost" interface.
WithNonLoopbackIfaces adds non-loopback net.Interfaces to the created certificate.
WithNow sets the source of time used when calculating NotBefore and NotAfter.
WithRand sets the source of random data used to create certificate signatures.
WithValidSince sets the created certificate's NotBefore to now - validSince.
# Variables
No description provided by the author
ErrNoCertOrErr is returned when a Source returns neither a tls.Certificate nor an error when invoked.
No description provided by the author
# Interfaces
CSROption allows customisation of the certificate creation process.
PrivateKey contains the method set that the standard library public key types (from crypto/*) all implement.
PublicKey contains the method set that the standard library public key types (from crypto/*) all implement.
Source defines a source of certificate information.
# Type aliases
No description provided by the author
Expiry is called to know if certificates need to be reloaded.
SourceSet is a Source that will return certs from the first of sources to return a non-nil cert and err.