acme

package v0.0.0-...-86283f3
Published: Feb 23, 2024 License: BSD-3-Clause Imports: 28 Imported by: 0

Documentation
Constants

const (
	ACME_CHALLENGE_URL_PREFIX = "/.well-known/acme-challenge/"
)

Variables

var ErrCertificateExpired = errors.New("certificate expired")
var ErrCertificateNotFound = errors.New("certificate not found")

Functions

func CreateCertificate

func CreateCertificate(rootdomain string, domains []string, lock bool) ([]byte, []byte, error)

func GenerateCert

func GenerateCert(certificate []byte, privateKey []byte) (*tls.Certificate, error)

func GetCertificate

func GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error)

GetCertificate is for integration into a Go HTTPS server as the tls.Config.GetCertificate callback. Your HTTPS server then looks up existing certificates automatically for the name requested in each handshake.

Example
// Init must already have been called (see Init below).
conn, err := net.Listen("tcp", ":443")
if err != nil {
	log.Fatal(err)
}
// Let the TLS stack ask this package for a certificate on every handshake.
tlsConfig := new(tls.Config)
tlsConfig.GetCertificate = GetCertificate
tlsListener := tls.NewListener(conn, tlsConfig)

// Server error log; the file is kept open for the lifetime of the server.
f, err := os.OpenFile("https.log", os.O_CREATE|os.O_RDWR, 0700)
if err != nil {
	log.Fatal(err)
}
defer f.Close()

serv := &http.Server{
	Addr:     ":443",
	Handler:  http.NewServeMux(),
	ErrorLog: log.New(f, "https: ", log.Llongfile|log.Ltime|log.Ldate),

	// Timeouts bound how long a slow or idle client can hold a connection.
	ReadHeaderTimeout: 30 * time.Second,
	ReadTimeout:       1 * time.Minute,
	WriteTimeout:      1 * time.Minute,
	IdleTimeout:       5 * time.Minute,
}

fmt.Println("Starting HTTPS Server")
// Serve blocks; it only returns on a listener error or shutdown.
if err := serv.Serve(tlsListener); err != nil {
	log.Fatal(err)
}
Output:

Starting HTTPS Server

func GetChallenge

func GetChallenge(domain, token string) ([]byte, error)

func Init

func Init(param *InitParameters) error

Call Init before calling any other function

func RetrieveCertificate

func RetrieveCertificate(domain string) (certificate, privateKey []byte, err error)

func ServeHTTP

func ServeHTTP(h http.Handler, redirectToHTTPS bool, option ...*http.Server) error

ServeHTTP starts listening on port 80. If the requested URL starts with /.well-known/acme-challenge/, it handles the HTTP certificate challenge without calling your handler h; otherwise it hands control over to handler h. If handler h is nil, the HTTP server only handles challenges and sends an error for all other requests. You may provide an optional http.Server to set its parameters; in this case only its Handler and Addr fields are replaced.
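The routing ServeHTTP describes, written out as an added example (this is not the package's own code): challenge paths under the exported prefix are answered from a constructed in-memory token store standing in for Present/CleanUp/GetChallenge, any other path is refused when h is nil, redirected to HTTPS when redirectToHTTPS is set, and otherwise passed to h. The token check, the challengeStore type and the probe helper are assumptions added for the example; an ACME server only ever requests base64url tokens, so anything else on the challenge path is rejected before it reaches the store.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"regexp"
	"strings"
	"sync"
)

// Same prefix the package exports as ACME_CHALLENGE_URL_PREFIX.
const acmeChallengeURLPrefix = "/.well-known/acme-challenge/"

// HTTP-01 tokens are base64url characters only (RFC 8555); refuse anything else
// so that path segments such as "../" never reach the lookup.
var tokenRe = regexp.MustCompile(`^[A-Za-z0-9_-]{1,128}$`)

// challengeStore is a constructed stand-in for the package's challenge lookup:
// Present stores token -> keyAuth, CleanUp removes it, Get answers the server.
type challengeStore struct {
	mu   sync.RWMutex
	auth map[string]string
}

func newChallengeStore() *challengeStore { return &challengeStore{auth: map[string]string{}} }

func (s *challengeStore) Present(token, keyAuth string) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.auth[token] = keyAuth
}

func (s *challengeStore) CleanUp(token string) {
	s.mu.Lock()
	defer s.mu.Unlock()
	delete(s.auth, token)
}

func (s *challengeStore) Get(token string) (string, bool) {
	s.mu.RLock()
	defer s.mu.RUnlock()
	keyAuth, ok := s.auth[token]
	return keyAuth, ok
}

// acmeMux mirrors the routing documented for ServeHTTP: challenge paths are
// answered here, everything else goes to h (or is refused when h is nil),
// optionally redirected to HTTPS first.
func acmeMux(store *challengeStore, h http.Handler, redirectToHTTPS bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if strings.HasPrefix(r.URL.Path, acmeChallengeURLPrefix) {
			token := strings.TrimPrefix(r.URL.Path, acmeChallengeURLPrefix)
			if !tokenRe.MatchString(token) {
				http.Error(w, "bad token", http.StatusBadRequest)
				return
			}
			keyAuth, ok := store.Get(token)
			if !ok {
				http.NotFound(w, r)
				return
			}
			w.Header().Set("Content-Type", "application/octet-stream")
			fmt.Fprint(w, keyAuth)
			return
		}
		if h == nil {
			http.Error(w, "only ACME challenges are served on this port", http.StatusNotFound)
			return
		}
		if redirectToHTTPS {
			target := "https://" + r.Host + r.URL.RequestURI()
			http.Redirect(w, r, target, http.StatusMovedPermanently)
			return
		}
		h.ServeHTTP(w, r)
	})
}

// probe sends one GET through the handler and returns status and body.
func probe(h http.Handler, path string) (int, string) {
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodGet, "http://example.com"+path, nil)
	h.ServeHTTP(rec, req)
	return rec.Code, rec.Body.String()
}

func main() {
	store := newChallengeStore()
	store.Present("tok123", "tok123.constructed-thumbprint")
	app := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "app") })
	mux := acmeMux(store, app, true)
	for _, p := range []string{"/.well-known/acme-challenge/tok123", "/.well-known/acme-challenge/nope", "/index.html"} {
		code, body := probe(mux, p)
		fmt.Printf("%-45s -> %d %q\n", p, code, body)
	}
}
```

The challenge branch deliberately sits before the redirect: an ACME validator follows redirects, but answering HTTP-01 directly on port 80 keeps the challenge independent of the HTTPS side that is still waiting for its certificate.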

func ServeHTTPS

func ServeHTTPS(addr string, h http.Handler, logfilepath string) error

ServeHTTPS is blocking. An example of addr is ":443". logfilepath is optional and can be empty.

func ToggleCertificate

func ToggleCertificate(domains []string) error

Types

type ACMEUser

type ACMEUser struct {
	Email        string                 `json:"email"`
	Registration *registration.Resource `json:"registration"`
	Key          string                 `json:"key"`
	// contains filtered or unexported fields
}

func (*ACMEUser) GetEmail

func (u *ACMEUser) GetEmail() string

func (*ACMEUser) GetPrivateKey

func (u *ACMEUser) GetPrivateKey() crypto.PrivateKey

func (ACMEUser) GetRegistration

func (u ACMEUser) GetRegistration() *registration.Resource

func (*ACMEUser) Save

func (u *ACMEUser) Save() error

type HTTPChallenger

type HTTPChallenger struct {
}

func (*HTTPChallenger) CleanUp

func (c *HTTPChallenger) CleanUp(domain, token, keyAuth string) error

func (*HTTPChallenger) Present

func (c *HTTPChallenger) Present(domain, token, keyAuth string) error

type InitParameters

type InitParameters struct {
	// If zero, no cache is initialized; otherwise the size in bytes of the
	// in-memory certificate cache.
	// If InMemoryCacheSize is less than 32MB, the cache capacity is raised to the 32MB minimum.
	InMemoryCacheSize int

	CertificateContactEmail string

	Store storage.Store

	// You may use one of the providers from github.com/go-acme/lego/v4/providers/dns,
	// for example route53.NewDNSProviderConfig.
	DNSProvider   challenge.Provider
	DNSChallenges bool

	// Each top-level map key corresponds to a root domain name, e.g. example.com.
	// Each sub-map key corresponds to a subdomain of that root domain, e.g. bob.example.com or *.example.com.
	// Note that the wildcard operator * can only be used when you define a DNS provider for your domains.
	AuthorizedDomains map[string]map[string]bool

	LogLevel LogLevel
	Logger   io.Writer
}
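An added example (not the package's code) of the two checks the AuthorizedDomains comment implies a deployment needs: a configuration-time validation that rejects wildcard entries when no DNS provider is configured, and a per-request match that decides whether a server name asked for in a TLS handshake or an ACME order falls under an authorized root. The authorizedDomains type, validate and match are assumptions introduced here; they follow the RFC 8555 rule that a wildcard identifier covers exactly one additional label and can only be validated through DNS-01.

```go
package main

import (
	"fmt"
	"strings"
)

// authorizedDomains mirrors InitParameters.AuthorizedDomains: root -> {name: allowed}.
type authorizedDomains map[string]map[string]bool

// canonical lower-cases and strips a trailing dot so SNI values compare with config keys.
func canonical(name string) string {
	return strings.ToLower(strings.TrimSuffix(strings.TrimSpace(name), "."))
}

// validate rejects configurations that cannot work: a name outside its root,
// a wildcard anywhere but as the leftmost label, or a wildcard without a DNS provider.
func validate(ad authorizedDomains, haveDNSProvider bool) error {
	for root, subs := range ad {
		root = canonical(root)
		if root == "" || strings.Contains(root, "*") {
			return fmt.Errorf("invalid root %q", root)
		}
		for name := range subs {
			name = canonical(name)
			if name != root && !strings.HasSuffix(name, "."+root) {
				return fmt.Errorf("%q is not under root %q", name, root)
			}
			if strings.Contains(strings.TrimPrefix(name, "*."), "*") {
				return fmt.Errorf("wildcard in %q must be the leftmost label only", name)
			}
			if strings.HasPrefix(name, "*.") && !haveDNSProvider {
				return fmt.Errorf("wildcard %q requires a DNS provider (DNS-01)", name)
			}
		}
	}
	return nil
}

// match reports whether serverName is authorized and which root it falls under.
// Exact entries match themselves; a "*.parent" entry matches names with exactly
// one label in front of parent, and only when a DNS provider is available.
func match(ad authorizedDomains, haveDNSProvider bool, serverName string) (string, bool) {
	name := canonical(serverName)
	if name == "" || strings.Contains(name, "*") {
		return "", false // clients never legitimately ask for a wildcard name
	}
	for root, subs := range ad {
		root = canonical(root)
		if name != root && !strings.HasSuffix(name, "."+root) {
			continue // "example.com.evil.net" does not end in ".example.com"
		}
		for allowed, on := range subs {
			if !on {
				continue
			}
			allowed = canonical(allowed)
			if allowed == name {
				return root, true
			}
			if haveDNSProvider && strings.HasPrefix(allowed, "*.") {
				parent := allowed[2:]
				if strings.HasSuffix(name, "."+parent) &&
					!strings.Contains(strings.TrimSuffix(name, "."+parent), ".") {
					return root, true
				}
			}
		}
	}
	return "", false
}

func main() {
	// Constructed configuration in the shape InitParameters.AuthorizedDomains expects.
	ad := authorizedDomains{
		"example.com": {"bob.example.com": true, "*.example.com": true},
		"example.org": {"www.example.org": true, "old.example.org": false},
	}
	fmt.Println("config ok with DNS provider:", validate(ad, true) == nil)
	fmt.Println("config ok without DNS provider:", validate(ad, false) == nil)
	for _, n := range []string{"Bob.Example.COM.", "a.example.com", "x.y.example.com", "old.example.org", "example.com.evil.net"} {
		root, ok := match(ad, true, n)
		fmt.Printf("%-22s -> %v (root %q)\n", n, ok, root)
	}
}
```

Running match inside a GetCertificate callback before any issuance or cache lookup keeps an unauthorized SNI value from ever turning into an ACME order, which is the failure mode an open-ended certificate manager has to close.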

type LogLevel

type LogLevel int
const (
	DEBUG LogLevel = iota
	INFO
	WARNING
	ERROR
	NONE
)

func (LogLevel) String

func (l LogLevel) String() string
