mutualtlsconfig

package module

v0.1.0 Latest Latest Go to latest Published: Mar 20, 2020 License: MIT Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jtwatson/mutualtlsconfig

Links

Open Source Insights

README ¶

mutualtlsconfig

Package mutualtlsconfig provides helpers to configure Mutual TLS Authentication between a Client and Server.

usage and examples

See pkg.go.dev/github.com/jtwatson/mutualtlsconfig for usage.

Documentation ¶

Overview ¶

Package mutualtlsconfig provides helpers to configure Mutual TLS Authentication between a Client and Server.

Index ¶

type CertType
type CertificateInformation
- func (c *CertificateInformation) Generate() (cert, key []byte, err error)
type TLSConfigurator

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertType ¶ added in v0.1.0

type CertType x509.ExtKeyUsage

const (
	// ServerCertType indicates the Certificate has x509.ExtKeyUsageServerAuth set
	ServerCertType CertType = CertType(x509.ExtKeyUsageServerAuth)

	// ClientCertType indicates the Certificate has x509.ExtKeyUsageClientAuth set
	ClientCertType CertType = CertType(x509.ExtKeyUsageClientAuth)
)

type CertificateInformation ¶ added in v0.1.0

type CertificateInformation struct {
	Begin        time.Time
	CommonName   string
	Days         int
	DNSNames     []string
	IPAddresses  []net.IP
	Organization string
	Type         CertType
}

CertificateInformation holds required information for generating a Self Signed Certificate

func (*CertificateInformation) Generate ¶ added in v0.1.0

func (c *CertificateInformation) Generate() (cert, key []byte, err error)

type TLSConfigurator ¶

type TLSConfigurator struct {
	// contains filtered or unexported fields
}

TLSConfigurator is a utility to simplify setting up a Client/Server using TLS Mutual athentication. The tls.Config's returned will validate certificates for both the Client and Server.

func New ¶ added in v0.1.0

func New(cert, key []byte, caCerts ...[]byte) (*TLSConfigurator, error)

New returns a TLSConfigurator

func NewFromFS ¶ added in v0.1.0

func NewFromFS(fs http.FileSystem, cert, key string, caCerts ...string) (*TLSConfigurator, error)

NewFromFS loads from fs and returns a TLSConfigurator.

func NewFromFile ¶ added in v0.1.0

func NewFromFile(cert, key string, caCerts ...string) (*TLSConfigurator, error)

NewFromFile loads from files and returns a TLSConfigurator.

func (*TLSConfigurator) HTTPSClient ¶

func (c *TLSConfigurator) HTTPSClient() *http.Client

HTTPSClient returns a http.Client with its Transport configured for TLS.

func (*TLSConfigurator) TLSClientConfig ¶

func (c *TLSConfigurator) TLSClientConfig() *tls.Config

TLSClientConfig returns a tls.Config which will fully validate the server certificate using the provided CaCerts.

func (*TLSConfigurator) TLSListener ¶

func (c *TLSConfigurator) TLSListener(ln net.Listener) net.Listener

TLSListener wraps the TLSServerConfig around the net.Listener

func (*TLSConfigurator) TLSServerConfig ¶

func (c *TLSConfigurator) TLSServerConfig() *tls.Config

TLSServerConfig returns a tls.Config which will require and fully validate a client certificate using the provided CaCerts with option tls.RequireAndVerifyClientCert. The client certificate must have x509.ExtKeyUsageClientAuth set.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
generate-tlscert

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL