certtest

package
v0.0.0-...-1b0dcf5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 23, 2024 License: Apache-2.0 Imports: 5 Imported by: 4

Documentation

Overview

Package certtest can be used to build a PKI for test purposes. The certificates generated by this package should not be used for production or other sensitive traffic.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authority 

type Authority struct {
	// contains filtered or unexported fields
}

Authority represents a Certificate Authority. It should not be used for anything except ephemeral test usage.

func BuildCA 

func BuildCA(name string) (*Authority, error)

BuildCA creates a new test Certificate Authority. The name argument can be used to distinguish between multiple authorities.

func (*Authority) BuildSignedCertificate 

func (a *Authority) BuildSignedCertificate(name string, options ...SignOption) (*Certificate, error)

BuildSignedCertificateWithExpiry creates a new signed certificate which is valid for `localhost` and `127.0.0.1` by default with the expiry a year from now. This can be changed by passing in the various options. The certificates it creates should only be used ephemerally in tests.

func (*Authority) BuildSignedCertificateWithExpiry deprecated 

func (a *Authority) BuildSignedCertificateWithExpiry(name string, expiry time.Time, options ...SignOption) (*Certificate, error)

BuildSignedCertificateWithExpiry creates a new signed certificate which is valid for `localhost` and `127.0.0.1` by default. This can be changed by passing in the various options. The certificates it creates should only be used ephemerally in tests.

Deprecated: Use BuildSignedCertificate with the WithExpiry(...) option.

func (*Authority) CertPool 

func (a *Authority) CertPool() (*x509.CertPool, error)

CertPool returns a certificate pool which is pre-populated with the Certificate Authority.

func (*Authority) Certificate 

func (a *Authority) Certificate() (*x509.Certificate, error)

Certificate resunts the authority's certificate.

func (*Authority) CertificatePEM 

func (a *Authority) CertificatePEM() ([]byte, error)

CertificatePEM returns the authorities certificate as a PEM encoded bytes.

type Certificate 

type Certificate struct {
	// contains filtered or unexported fields
}

Certificate represents a Certificate which has been signed by a Certificate Authority.

func (*Certificate) CertificatePEMAndPrivateKey 

func (c *Certificate) CertificatePEMAndPrivateKey() ([]byte, []byte, error)

CertificatePEMAndPrivateKey returns the certificate as a PEM encoded bytes and the private key bytes.

func (*Certificate) TLSCertificate 

func (c *Certificate) TLSCertificate() (tls.Certificate, error)

TLSCertificate returns the certificate as Go standard library tls.Certificate.

type SignOption 

type SignOption func(*signOptions)

SignOption is used to alter the signed certificate parameters.

func WithDomains 

func WithDomains(domains ...string) SignOption

WithDomains adds the passed domains to be valid for the requested certificate.

func WithExpiry 

func WithExpiry(expiry time.Time) SignOption

WithExpiry alters the expiry time of the requested certificate. It must be earlier than the expiry time of the associated CA.

func WithIPs 

func WithIPs(ips ...net.IP) SignOption

WithIPs adds the passed IPs to be valid for the requested certificate.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.