Documentation ¶
Index ¶
- func BuildTLSClientConfig(cfg *config.TLSClientConfig) (*tls.Config, error)
- func BuildTLSServerConfig(cfg *config.TLSServerConfig) (*tls.Config, error)
- func ParseCertificatePemFile(filepath string) (*x509.Certificate, error)
- func ParsePKCS12File(config config.MTLSCertLoadConfig) (*tls.Certificate, error)
- func ParsePrivateKeyPemFile(filepath string) (crypto.PrivateKey, error)
- type ClientCertGenerateParameter
- type ClientCertGenerateResult
- type RootCAGenerateRequest
- type RootCAGenerateResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildTLSClientConfig ¶
func BuildTLSClientConfig(cfg *config.TLSClientConfig) (*tls.Config, error)
func BuildTLSServerConfig ¶
func BuildTLSServerConfig(cfg *config.TLSServerConfig) (*tls.Config, error)
func ParseCertificatePemFile ¶
func ParseCertificatePemFile(filepath string) (*x509.Certificate, error)
ParseCertificatePemFile expects PEM(DER(X509(cert))) format
func ParsePKCS12File ¶
func ParsePKCS12File(config config.MTLSCertLoadConfig) (*tls.Certificate, error)
ParsePKCS12File loads PKCS#12 encoded client credentials (certificate + private key)
func ParsePrivateKeyPemFile ¶
func ParsePrivateKeyPemFile(filepath string) (crypto.PrivateKey, error)
ParsePrivateKeyPemFile expects PEM(DER(PKCS8(key))) format
Types ¶
type ClientCertGenerateResult ¶
type ClientCertGenerateResult struct { // PKCS#12 data contains both private key and client certificate PKCS12 []byte // TLS certificate object, contains both private key and client certificate // Can be used in combination with tls.Config and Go HTTP client. TLS *tls.Certificate }
func NewClientCert ¶
func NewClientCert( rng io.Reader, now time.Time, params ClientCertGenerateParameter, ) (ClientCertGenerateResult, error)
type RootCAGenerateRequest ¶
type RootCAGenerateResult ¶
type RootCAGenerateResult struct { PublicKey crypto.PublicKey PrivateKeyFile string PrivateKey crypto.PrivateKey CACertFile string CACert *x509.Certificate }
func NewSelfSignedRootCA ¶
func NewSelfSignedRootCA(req *RootCAGenerateRequest) (*RootCAGenerateResult, error)
func (*RootCAGenerateResult) CACertAsPool ¶
func (result *RootCAGenerateResult) CACertAsPool() *x509.CertPool
Source Files ¶
Click to show internal directories.
Click to hide internal directories.