autocertdns

package module
v0.0.0-...-d8123f7

This package is not in the latest version of its module.
Published: Oct 6, 2020 | License: MIT | Imports: 21 | Imported by: 2

README

About autocertdns

Package autocertdns provides automatic certificate renewal from Let's Encrypt using DNS-01 challenges.

This package is not yet ready for general use.

Documentation

Constants

const (

	// LetsEncryptURL is the default ACME server URL.
	LetsEncryptURL = acme.LetsEncryptURL

	// LetsEncryptStagingURL is the ACME staging server URL, used for testing
	// purposes.
	LetsEncryptStagingURL = "https://acme-staging.api.letsencrypt.org/directory"
)

Variables

This section is empty.

Functions

func AcceptTOS

func AcceptTOS(string) bool

AcceptTOS is a util func that always returns true to indicate acceptance of the underlying ACME server's Terms of Service during account registration.

Types

type Error

type Error string

Error is an autocertdns error.

const (
	// ErrInvalidCertificate is the invalid certificate error.
	ErrInvalidCertificate Error = "invalid certificate"

	// ErrCertificateExpired is the certificate expired error.
	ErrCertificateExpired Error = "certificate expired"

	// ErrNoPublicKeyFound is the no public key found error.
	ErrNoPublicKeyFound Error = "no public key found"

	// ErrCertificateNotYetValid is the certificate not yet valid error.
	ErrCertificateNotYetValid Error = "certificate not valid yet"

	// ErrPrivateKeyTypeDoesNotMatchPublicKeyType is the private key type does
	// not match public key type error.
	ErrPrivateKeyTypeDoesNotMatchPublicKeyType Error = "private key type does not match public key type"

	// ErrPrivateKeyDoesNotMatchPublicKey is the private key does not match
	// public key error.
	ErrPrivateKeyDoesNotMatchPublicKey Error = "private key does not match public key"

	// ErrUnknownPublicKeyAlgorithm is the unknown public key algorithm error.
	ErrUnknownPublicKeyAlgorithm Error = "unknown public key algorithm"
)

Error values.

func (Error) Error

func (err Error) Error() string

Error satisfies the error interface.

type Manager

type Manager struct {
	// DirectoryURL is the directory URL to use.
	DirectoryURL string

	// Prompt is the func used to accept the TOS.
	Prompt func(string) bool

	// CacheDir is the directory to store certificates in.
	CacheDir string

	// Email is the ACME email account.
	Email string

	// Domain is the domain to generate certificates for.
	Domain string

	// RenewBefore is the window before the expiration of a certificate,
	// after which the current certificate will attempt to be renewed.
	//
	// If zero, certificates will be renewed 5 days before expiration.
	RenewBefore time.Duration

	// Provisioner is the DNS provisioner used to provision and unprovision the
	// DNS-01 challenges given by the ACME server.
	Provisioner Provisioner

	// Logf is a logging func.
	Logf func(string, ...interface{})

	// Errorf is an error logging func.
	Errorf func(string, ...interface{})
	// contains filtered or unexported fields
}

Manager holds information related to managing a DNS-01 based ACME autocert provider.

func (*Manager) GetCertificate

func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error)

GetCertificate returns the current certificate.

func (*Manager) Run

func (m *Manager) Run(ctxt context.Context) error

Run starts a goroutine to automatically renew a certificate until the passed context has been closed. It returns an error if initially a certificate cannot be issued/renewed and if any cached certificate is expired.

type Provisioner

type Provisioner interface {
	// Provision provisions a DNS entry of typ (always TXT), for the FQDN name
	// and with the provided token.
	Provision(ctxt context.Context, typ, name, token string) error

	// Unprovision unprovisions a DNS entry of typ (always TXT), for the FQDN
	// name and with the provided token.
	Unprovision(ctxt context.Context, typ, name, token string) error
}

Provisioner is the shared interface for providers that can provision DNS records.
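
A least-privilege wrapper for the Provisioner interface above, as an added example that is not code from autocertdns: it forwards only TXT records at `_acme-challenge.<Domain>` to the wrapped provisioner, so a bug in the caller cannot create or delete other records through it. `Scoped`, `ErrOutOfScope` and `funcDNS` are hypothetical names, and the interface is redeclared locally so the file builds without the module.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"strings"
)

// Provisioner is redeclared from the page so this file builds on its own.
type Provisioner interface {
	Provision(ctxt context.Context, typ, name, token string) error
	Unprovision(ctxt context.Context, typ, name, token string) error
}

// ErrOutOfScope is a hypothetical sentinel, not part of autocertdns.
var ErrOutOfScope = errors.New("record outside DNS-01 scope")

// Scoped (hypothetical) forwards only TXT records at _acme-challenge.<Domain> to Next.
type Scoped struct {
	Domain string
	Next   Provisioner
}

func (s Scoped) guard(typ, name string, op func() error) error {
	norm := func(v string) string { return strings.TrimSuffix(strings.ToLower(v), ".") }
	if !strings.EqualFold(typ, "TXT") || norm(name) != "_acme-challenge."+norm(s.Domain) {
		return fmt.Errorf("%w: %s %q", ErrOutOfScope, typ, name)
	}
	return op()
}

func (s Scoped) Provision(ctxt context.Context, typ, name, token string) error {
	return s.guard(typ, name, func() error { return s.Next.Provision(ctxt, typ, name, token) })
}
func (s Scoped) Unprovision(ctxt context.Context, typ, name, token string) error {
	return s.guard(typ, name, func() error { return s.Next.Unprovision(ctxt, typ, name, token) })
}

// funcDNS adapts a closure to Provisioner; here it stands in for a real DNS API client.
type funcDNS func(op, name string) error
func (f funcDNS) Provision(_ context.Context, _, name, _ string) error { return f("add", name) }
func (f funcDNS) Unprovision(_ context.Context, _, name, _ string) error { return f("del", name) }

func main() {
	p := Scoped{Domain: "example.com", Next: funcDNS(func(op, name string) error { return nil })}
	fmt.Println(p.Provision(context.Background(), "TXT", "_acme-challenge.example.com.", "constructed-token"))
	fmt.Println(p.Provision(context.Background(), "TXT", "www.example.com.", "constructed-token"))
}
```

With the real module, a `Scoped` value wrapping the actual provisioner would be assigned to `Manager.Provisioner`, with `Domain` set to the same value as `Manager.Domain`.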

Directories

cmd/autogcdns
Command autogcdns provides a CLI tool to generate Let's Encrypt certificates using DNS-01 challenges for Google Cloud DNS managed zones.

Package gcdnsp provides a Google Cloud DNS client that satisfies autocertdns.Provisioner.

Package godop provides a godo (DigitalOcean API) compatible autocertdns.Provisioner.
