certificates

package

v0.0.0-...-23d9192 Latest Latest Go to latest Published: Jun 17, 2018 License: Apache-2.0, Apache-2.0 Imports: 22 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/pulcy/helix

Links

Open Source Insights

README ¶

go-certificates

Library for golang code related to creating certificates.

Documentation ¶

Index ¶

func CreateCertificate(options CreateCertificateOptions, ca *CA) (string, string, error)
func CreateKeystore(cert, key, caCert string, alias string, keystorePassword []byte) ([]byte, error)
func CreateTLSConfigFromAuthentication(a TLSAuthentication, insecureSkipVerify bool) (*tls.Config, error)
func EncodeToString(c tls.Certificate) (cert, key string)
func ExtractCACertificateFromKeyFile(keyFile string) (string, error)
func GetCertificateExpirationDate(config *tls.Config) (time.Time, bool)
func LoadCertPool(certificate string) (*x509.CertPool, error)
func LoadFromPEM(cert, key string) ([]*x509.Certificate, interface{}, error)
func LoadKeyFile(keyFile string) (tls.Certificate, error)
func SaveKeyFile(cert, key string, filename string) error
type CA
- func LoadCAFromPEM(cert, key string) (CA, error)
type CreateCertificateOptions
type TLSAuthentication

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CreateCertificate ¶

func CreateCertificate(options CreateCertificateOptions, ca *CA) (string, string, error)

CreateCertificate creates a certificate according to the given configuration. If ca is nil, the certificate will be self-signed, otherwise the certificate will be signed by the given CA certificate+key. The resulting certificate + private key will be PEM encoded and returned as string (cert, priv, error).

func CreateKeystore ¶

func CreateKeystore(cert, key, caCert string, alias string, keystorePassword []byte) ([]byte, error)

CreateKeystore creates a java keystore containing the given certificate, private key & ca certificate(s).

func CreateTLSConfigFromAuthentication ¶

func CreateTLSConfigFromAuthentication(a TLSAuthentication, insecureSkipVerify bool) (*tls.Config, error)

CreateTLSConfigFromAuthentication creates a tls.Config object from given configuration.

func EncodeToString ¶

func EncodeToString(c tls.Certificate) (cert, key string)

EncodeToString encodes the given certification information into 2 strings. The first containing all certificates (PEM encoded), the second containing the private key (PEM encoded).

func ExtractCACertificateFromKeyFile ¶

func ExtractCACertificateFromKeyFile(keyFile string) (string, error)

ExtractCACertificateFromKeyFile loads a SSL keyfile formatted for the arangod server and extracts the CA certificate(s) from it (if any).

func GetCertificateExpirationDate ¶

func GetCertificateExpirationDate(config *tls.Config) (time.Time, bool)

GetCertificateExpirationDate returns the expiration date of the TLS certificate found in the given config. Returns: ExpirationDate, FoundExpirationDate

func LoadCertPool ¶

func LoadCertPool(certificate string) (*x509.CertPool, error)

LoadCertPool creates a certificate pool from the certificate(s) given in the given PEM encoded string.

func LoadFromPEM ¶

func LoadFromPEM(cert, key string) ([]*x509.Certificate, interface{}, error)

LoadFromPEM parses the given certificate & key into a certificate slice & private key.

func LoadKeyFile ¶

func LoadKeyFile(keyFile string) (tls.Certificate, error)

LoadKeyFile loads a SSL keyfile formatted for the arangod server.

func SaveKeyFile ¶

func SaveKeyFile(cert, key string, filename string) error

SaveKeyFile creates a keyfile with given certificate & key data

Types ¶

type CA ¶

type CA struct {
	Certificate []*x509.Certificate
	PrivateKey  interface{}
}

func LoadCAFromPEM ¶

func LoadCAFromPEM(cert, key string) (CA, error)

LoadCAFromPEM parses the given certificate & key into a CA instance.

type CreateCertificateOptions ¶

type CreateCertificateOptions struct {
	Subject        *pkix.Name    // If set, this name is used for the subject of the certificate and CommonName is ignored.
	CommonName     string        // Common name set in the certificate. If not specified, defaults to first email address, then first host and if all not set 'ArangoDB'.
	Hosts          []string      // Comma-separated hostnames and IPs to generate a certificate for
	EmailAddresses []string      // List of email address to include in the certificate as alternative name
	ValidFrom      time.Time     // Creation data of the certificate
	ValidFor       time.Duration // Duration that certificate is valid for
	IsCA           bool          // Whether this cert should be its own Certificate Authority
	IsClientAuth   bool          // Whether this cert can be used for client authentication
	RSABits        int           // Size of RSA key to generate. Ignored if ECDSACurve is set
	ECDSACurve     string        // ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521
	ExtKeyUsage    []x509.ExtKeyUsage
}

type TLSAuthentication ¶

type TLSAuthentication interface {
	CACertificate() string
	ClientCertificate() string
	ClientKey() string
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cli

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL