selfsigned

package module
v1.1.0 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 18, 2023 License: Apache-2.0 Imports: 13 Imported by: 1

README

SelfSigned

This is a very simple self-signed certificate generator that gives no options except the DNS name(s).

Usage

package main

import (
	"log"
	"os"

	"github.com/isaaguilar/selfsigned"
)

func main() {
	// DNS names the generated certificate will be valid for.
	dnsNames := []string{"foo.bar.svc.cluster.local", "foo.bar.svc", "foo.bar"}
	selfSignedCert := selfsigned.NewSelfSignedCertOrDie(dnsNames)

	// Write the CA certificate, TLS certificate and TLS key as owner-only files.
	for name, data := range map[string][]byte{
		"ca.crt":  selfSignedCert.CACert,
		"tls.crt": selfSignedCert.TLSCert,
		"tls.key": selfSignedCert.TLSKey,
	} {
		if err := os.WriteFile(name, data, 0600); err != nil {
			log.Fatal(err)
		}
	}
}
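A check worth running on the `ca.crt` and `tls.crt` written above, added here as an example that is not part of this package or its README: it uses only the Go standard library to confirm that the TLS certificate chains to the CA and covers a given DNS name. `VerifyLeaf` and `ConstructedPair` are hypothetical names, and the sample pair is constructed inline with Ed25519 keys as a stand-in for the package's own output.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// VerifyLeaf checks leafPEM chains to caPEM, is in date, allows server auth (Verify default) and covers dnsName.
func VerifyLeaf(caPEM, leafPEM []byte, dnsName string) error {
	roots := x509.NewCertPool()
	block, _ := pem.Decode(leafPEM)
	if block == nil || !roots.AppendCertsFromPEM(caPEM) {
		return fmt.Errorf("ca or leaf input holds no PEM certificate")
	}
	leaf, err := x509.ParseCertificate(block.Bytes)
	if err == nil {
		_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: dnsName})
	}
	return err
}

// ConstructedPair builds a throwaway CA and leaf as constructed sample input (Ed25519 for speed).
func ConstructedPair(names []string) (caPEM, leafPEM []byte) {
	caPub, caKey, _ := ed25519.GenerateKey(rand.Reader) // fails only if the system RNG fails
	leafPub, _, _ := ed25519.GenerateKey(rand.Reader)
	nb, na := time.Now().Add(-time.Minute), time.Now().AddDate(1, 0, 0)
	ca := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "sample-ca"},
		NotBefore: nb, NotAfter: na, IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	leaf := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: names[0]},
		NotBefore: nb, NotAfter: na, DNSNames: names, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}
	sign := func(tmpl *x509.Certificate, pub ed25519.PublicKey) []byte { // both are signed by caKey
		der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, pub, caKey)
		if err != nil {
			panic(err)
		}
		return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	}
	return sign(ca, caPub), sign(leaf, leafPub)
}

func main() {
	ca, leaf := ConstructedPair([]string{"foo.bar.svc.cluster.local", "foo.bar.svc", "foo.bar"})
	fmt.Println(VerifyLeaf(ca, leaf, "foo.bar.svc"), VerifyLeaf(ca, leaf, "other.bar.svc"))
}
```

To check real output, read `ca.crt` and `tls.crt` from disk and pass their bytes to `VerifyLeaf` in place of the constructed pair.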

Documentation

Constants

const (
	// ECPrivateKeyBlockType is a possible value for pem.Block.Type.
	ECPrivateKeyBlockType = "EC PRIVATE KEY"
	// RSAPrivateKeyBlockType is a possible value for pem.Block.Type.
	RSAPrivateKeyBlockType = "RSA PRIVATE KEY"
)

Variables

This section is empty.

Functions

func EncodeCertPEM

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-encoded certificate data

func MarshalPrivateKeyToPEM

func MarshalPrivateKeyToPEM(privateKey crypto.PrivateKey) ([]byte, error)

MarshalPrivateKeyToPEM converts a known private key type of RSA or ECDSA to a PEM encoded block or returns an error.

func NewPrivateKey

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key

func NewSelfSignedCACert

func NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, error)

NewSelfSignedCACert creates a CA certificate

func NewSignedCert

func NewSignedCert(cfg *Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

Types

type AltNames

type AltNames struct {
	DNSNames []string
	IPs      []net.IP
}

AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.

type Config

type Config struct {
	CommonName   string
	Organization []string
	AltNames     AltNames
	Usages       []x509.ExtKeyUsage
}

Config contains the basic fields required for creating a certificate

type SelfSignedCert

type SelfSignedCert struct {
	Signer
	TLSCert []byte
	TLSKey  []byte
}

func NewSelfSignedCertOrDie

func NewSelfSignedCertOrDie(names []string) *SelfSignedCert

NewSelfSignedCertOrDie is a factory to generate very basic self signed certs good for a year. It returns a struct of the three files for self signed certs. It does not save a file.

func (*SelfSignedCert) UpdateTLS added in v1.1.0

func (s *SelfSignedCert) UpdateTLS() error

UpdateTLS uses the same signing certificate to issue a new tls certificate

type Signer added in v1.1.0

type Signer struct {
	CAKey  []byte
	CACert []byte
}
