Documentation ¶
Overview ¶
Example ¶
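// Example program: serve HTTPS on :4443, with the certificate for each
// handshake supplied by a cert.Cache through tls.Config.GetCertificate.
package main

import (
	"crypto/tls"
	"fmt"
	"log"
	"net/http"
	"time"

	"github.com/moomerman/zap/cert"
)

func main() {
	cache, err := cert.NewCache()
	if err != nil {
		// log.Fatal would print the message and the error with no separator
		// between them, so format the error explicitly.
		log.Fatalf("Unable to create new cert cache: %v", err)
	}

	// NOTE(review): the package documents CACert as a self-signed root, so
	// presumably the certificates returned here chain to it and clients only
	// accept this listener once that root is trusted — confirm. Whoever holds
	// the root's private key can issue certificates those clients accept, so
	// keep it on the development machine only.
	tlsConfig := &tls.Config{
		GetCertificate: cache.GetCertificate,
		// Pin the protocol floor instead of relying on the toolchain default.
		MinVersion: tls.VersionTLS12,
	}

	server := &http.Server{
		TLSConfig: tlsConfig,
		// Bound how long a client may take to send request headers, so idle
		// or deliberately slow connections cannot hold the server open.
		ReadHeaderTimeout: 10 * time.Second,
	}

	// The listener terminates TLS itself, so the plain Serve method is used.
	listener, err := tls.Listen("tcp", ":4443", tlsConfig)
	if err != nil {
		log.Fatalf("Unable to create listener: %v", err)
	}

	// Serve blocks until the listener fails; print the error it returns.
	fmt.Println(server.Serve(listener))
}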
Output:
Index ¶
- Variables
- func CreateCACert(caName string) ([]byte, []byte, error)
- func CreateCertLegacy() error
- func EncodeCert(cert *tls.Certificate) ([]byte, []byte, error)
- func InstallCert(cert string) error
- func IssueCert(parent *tls.Certificate, commonName string, ipAddress net.IP) (*tls.Certificate, error)
- func LoadCACert(rootDir string) (*tls.Certificate, error)
- type Cache
Examples ¶
Constants ¶
This section is empty.
Variables ¶
var CACert *tls.Certificate
CACert is the self-signed root certificate
Functions ¶
func CreateCACert ¶ added in v0.3.1
CreateCACert creates and returns a new CA certificate key pair
func CreateCertLegacy ¶ added in v0.3.1
func CreateCertLegacy() error
CreateCertLegacy creates a new self-signed root certificate
func EncodeCert ¶ added in v0.3.1
func EncodeCert(cert *tls.Certificate) ([]byte, []byte, error)
EncodeCert is a helper to encode the given certificate
func InstallCert ¶ added in v0.3.1
InstallCert installs a CA root certificate into the system CA certificate store on Linux
func IssueCert ¶ added in v0.3.1
func IssueCert(parent *tls.Certificate, commonName string, ipAddress net.IP) (*tls.Certificate, error)
IssueCert generates a key/certificate pair with the given name, signed by the given parent CA certificate
func LoadCACert ¶ added in v0.3.1
func LoadCACert(rootDir string) (*tls.Certificate, error)
LoadCACert loads a certificate key pair into memory
Types ¶
type Cache ¶
type Cache struct {
// contains filtered or unexported fields
}
Cache is a struct to hold the dynamic certificates and a lock
func (*Cache) GetCertificate ¶
func (c *Cache) GetCertificate(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error)
GetCertificate implements the callback expected by the GetCertificate field of tls.Config