autocert

package module

v0.1.0 Latest Latest Go to latest Published: Jan 26, 2022 License: Apache-2.0 Imports: 4 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/thepaul/autocert

Links

Open Source Insights

README ¶

thepaul/autocert

This is mostly just a wrapper around the golang.org/x/crypto/acme/autocert module, which streamlines usage somewhat for the cases I tend to need. In particular, it allows having your SSL server listen on a local port other than 443 (although it's still necessary for the ACME server to be able to contact the server externally on 443).

Example usage

manager := autocert.NewTLSAutoCertManager(func(ctx context.Context, hostName string) error {
    if hostName != expectedHostName {
        return fmt.Errorf("invalid hostname %q", hostName)
    }
    return nil
}, "my@email.com", time.Hour * 24, "/my/cache/directory")

httpsListener, err := manager.Listen("tcp", "0.0.0.0:8443")
if err != nil {
    panic(err)
}
log.Fatal(httpsServer.Serve(ctx, httpsListener))

Documentation ¶

Index ¶

type CertManager
- func NewTLSAutoCertManager(hostPolicy autocert.HostPolicy, operatorEmail string, ...) CertManager
type HostPolicy

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertManager ¶

type CertManager interface {
	Listen(network, address string) (net.Listener, error)
	TLSConfig() *tls.Config
}

CertManager is a stateful certificate manager built on top of golang.org/x/crypto/acme/(*autocert.Manager), which is itself in turn built on top of golang.org/x/crypto/(*acme.Client). It obtains and refreshes certificates automatically using "tls-alpn-01" or "http-01" challenge types, as well as providing them to a TLS server via tls.Config.

func NewTLSAutoCertManager ¶

func NewTLSAutoCertManager(hostPolicy autocert.HostPolicy, operatorEmail string, renewBefore time.Duration, cacheDir string) CertManager

NewTLSAutoCertManager creates a new automatic certificate manager with the specified configuration items.

hostPolicy determines which incoming connections will be accepted (see autocert.HostPolicy for more information).

operatorEmail is the contact email address to be submitted to the ACME server, and which will be put into the issued SSL certificates.

renewBefore specifies how early certificates should be renewed before they expire (e.g., time.Hour * 24).

cacheDir gives a directory which can be used as a certificate cache for storing SSL certificate information between invocations. If the directory does not exist, it will be created with 0700 permissions.

type HostPolicy ¶

type HostPolicy = autocert.HostPolicy

Source Files ¶

View all Source files

autocert.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL