Documentation ¶
Index ¶
- Constants
- func GenerateACMECertificate(domains ...string) (keyPEM []byte, certPEM []byte, err error)
- func GenerateTLSCert(domains ...string) (keyPEM []byte, certPEM []byte, err error)
- func GetACMECertificate(site *state.SiteState) (key []byte, cert []byte, err error)
- func GetAKVCertificate(site *state.SiteState) (key []byte, cert []byte, certObj *x509.Certificate, err error)
- func GetCertificate(site *state.SiteState) (key []byte, cert []byte, err error)
- func GetImportedCertificate(site *state.SiteState) (key []byte, cert []byte, certObj *x509.Certificate, err error)
- func GetSelfSignedCertificate(site *state.SiteState) (key []byte, cert []byte, err error)
- func InspectCertificate(site *state.SiteState, cert *x509.Certificate) error
- type ACMEUser
- type StatikoProvider
Constants ¶
const ACMEMinDays = 21
ACMEMinDays controls how many days from the expiration a new certificate is requested from ACME
const SelfSignedCertificateIssuer = "statiko self-signed"
SelfSignedCertificateIssuer is the organization that issues self-signed certificates
const SelfSignedMinDays = 14
SelfSignedMinDays controls how many days from the expiration self-signed certificates are renewed
Variables ¶
This section is empty.
Functions ¶
func GenerateACMECertificate ¶
GenerateACMECertificate requests a new certificate from the ACME provider
func GenerateTLSCert ¶
GenerateTLSCert generates a new self-signed TLS certificate (with a RSA 4096-bit key) and returns the private key and public certificate encoded as PEM The first domain is the primary one, used as value for the "Common Name" value too Each certificate is valid for 1 year
func GetACMECertificate ¶
GetACMECertificate returns a certificate issued by ACME (e.g. Let's Encrypt), with key and certificate PEM-encoded If the ACME provider hasn't issued a certificate yet, this will return a self-signed TLS certificate, until the ACME one is available
func GetAKVCertificate ¶
func GetAKVCertificate(site *state.SiteState) (key []byte, cert []byte, certObj *x509.Certificate, err error)
GetAKVCertificate returns a certificate from Azure Key Vault
func GetCertificate ¶
GetCertificate returns the certificate for the site (with key and certificate PEM-encoded)
func GetImportedCertificate ¶
func GetImportedCertificate(site *state.SiteState) (key []byte, cert []byte, certObj *x509.Certificate, err error)
GetImportedCertificate returns a certificate stored in the state store
func GetSelfSignedCertificate ¶
GetSelfSignedCertificate returns a self-signed certificate, with key and certificate PEM-encoded
func InspectCertificate ¶
func InspectCertificate(site *state.SiteState, cert *x509.Certificate) error
InspectCertificate loads a X.509 certificate and checks its details, such as expiration
Types ¶
type ACMEUser ¶
type ACMEUser struct { Email string Registration *registration.Resource // contains filtered or unexported fields }
ACMEUser implements registration.User
func (*ACMEUser) GetPrivateKey ¶
func (u *ACMEUser) GetPrivateKey() crypto.PrivateKey
func (*ACMEUser) GetRegistration ¶
func (u *ACMEUser) GetRegistration() *registration.Resource
type StatikoProvider ¶
type StatikoProvider struct { }
StatikoProvider implements ChallengeProvider for `http-01` challenge.
func (*StatikoProvider) CleanUp ¶
func (w *StatikoProvider) CleanUp(domain, token, keyAuth string) error
CleanUp removes the key created for the challenge
func (*StatikoProvider) Present ¶
func (w *StatikoProvider) Present(domain, token, keyAuth string) error
Present makes the token available