Documentation ¶
Overview ¶
Package encryptomatic handles granting SSL certificates via ACME to devices which may not natively support that.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func RegisterInstaller ¶
func RegisterInstaller(name string, installer InstallerFactory)
func RegisterVerifier ¶
func RegisterVerifier(name string, verifier VerifierFactory)
Types ¶
type CSRGenerator ¶
type CSRGenerator interface {
GenerateCSR(ctx context.Context) (*x509.CertificateRequest, error)
}
CSRGenerator represents an endpoint which can generate its own certificate request/private key pair.
type CertificateRequest ¶
type CertificateRequest struct { // Targets are the target devices which this certificate should be installed on. Targets []Installer // Names are the domains which this certificate should be requested for. Names []string // Key is the private key to use to sign the request. If nil, a private key will be generated. Key crypto.PrivateKey // Request is the pre-generated, pre-signed request. If set, Names and Key will be ignored. Request *x509.CertificateRequest }
CertificateRequest describes a request for a single certificate.
type Encryptomatic ¶
type Encryptomatic struct { // Verifiers is a slice of the available verifiers. They should each implement one of the available verification APIs. Verifiers []Verifier // Client is the acme.Client to use to retrieve certificates. // It should already have been registered with the directory, and the Terms-of-Service agreed to. Client acmeClient }
Encryptomatic ties together Verifiers, a Client, and CertificateRequests.
func (*Encryptomatic) Request ¶
func (e *Encryptomatic) Request(ctx context.Context, reqs []CertificateRequest) error
Request requests certificates for the provided CertificateRequests.
type Installer ¶
type Installer interface { SetCertificate(ctx context.Context, caBundle []*x509.Certificate, cert *x509.Certificate, privKey crypto.PrivateKey) error GetCertificate(ctx context.Context) (*x509.Certificate, error) }
Installer represents a method of installing a certificate onto a device.
type Registry ¶
type Registry struct {
// contains filtered or unexported fields
}
type Verifier ¶
Verifier represents a method of asserting control over a domain. They should implement one of the more-specific interfaces, such as VerifierDNS01.
Directories ¶
Path | Synopsis |
---|---|
base
|
|
digitalocean
Package digitalocean adds some convenience methods to the DigitalOcean API.
|
Package digitalocean adds some convenience methods to the DigitalOcean API. |
cmd
|
|
Package encryptoutil provides some useful X.509 utilities.
|
Package encryptoutil provides some useful X.509 utilities. |
installer
|
|
digitalocean
Package digitalocean handles installing certificates to load balancers.
|
Package digitalocean handles installing certificates to load balancers. |
file
Package file installs certificates into flat files on disk.
|
Package file installs certificates into flat files on disk. |
freenas
Package freenas installs certificates on a FreeNAS 11 server.
|
Package freenas installs certificates on a FreeNAS 11 server. |
hpilo2
Package hpilo2 allows installation of SSL certificates on HP ILO2 machines.
|
Package hpilo2 allows installation of SSL certificates on HP ILO2 machines. |
ssh
Package ssh installs certificates into flat files on a remote host, using SSH/SCP.
|
Package ssh installs certificates into flat files on a remote host, using SSH/SCP. |
verifier
|
|
cloudflare
Package cloudflare automates verification of domain control using Cloudflare's API.
|
Package cloudflare automates verification of domain control using Cloudflare's API. |
digitalocean
Package digitalocean handles responding to DNS-01 ACME challenges using DigitalOcean domains.
|
Package digitalocean handles responding to DNS-01 ACME challenges using DigitalOcean domains. |
Click to show internal directories.
Click to hide internal directories.