cfssl: Index | Files

package client

import ""

Package client implements a Go client for CFSSL API commands.


Package Files

api.go client.go group.go


const (
    // StrategyInvalid indicates any strategy that is unsupported
    // or returned when no strategy is applicable.
    StrategyInvalid = iota

    // StrategyOrderedList is a sequential list of servers: if the
    // first server cannot be reached, the next is used. The
    // client will proceed in this manner until the list of
    // servers is exhausted, and then an error is returned.

type AuthRemote Uses

type AuthRemote struct {
    // contains filtered or unexported fields

AuthRemote acts as a Remote with a default Provider for AuthSign.

func NewAuthServer Uses

func NewAuthServer(addr string, tlsConfig *tls.Config, provider auth.Provider) *AuthRemote

NewAuthServer sets up a new auth server target with an addr in the same format at NewServer and a default authentication provider to use for Sign requests.

func (*AuthRemote) Sign Uses

func (ar *AuthRemote) Sign(req []byte) ([]byte, error)

Sign is overloaded to perform an AuthSign request using the default auth provider.

type Remote Uses

type Remote interface {
    AuthSign(req, id []byte, provider auth.Provider) ([]byte, error)
    Sign(jsonData []byte) ([]byte, error)
    Info(jsonData []byte) (*info.Resp, error)
    Hosts() []string
    SetReqModifier(func(*http.Request, []byte))
    SetRequestTimeout(d time.Duration)
    SetProxy(func(*http.Request) (*url.URL, error))

A Remote points to at least one (but possibly multiple) remote CFSSL instances. It must be able to perform a authenticated and unauthenticated certificate signing requests, return information about the CA on the other end, and return a list of the hosts that are used by the remote.

func NewGroup Uses

func NewGroup(remotes []string, tlsConfig *tls.Config, strategy Strategy) (Remote, error)

NewGroup will use the collection of remotes specified with the given strategy.

func NewServer Uses

func NewServer(addr string) Remote

NewServer sets up a new server target. The address should be of The format [protocol:]name[:port] of the remote CFSSL instance. If no protocol is given http is default. If no port is specified, the CFSSL default port (8888) is used. If the name is a comma-separated list of hosts, an ordered group will be returned.

func NewServerTLS Uses

func NewServerTLS(addr string, tlsConfig *tls.Config) Remote

NewServerTLS is the TLS version of NewServer

type SignResult Uses

type SignResult struct {
    Certificate []byte `json:"certificate"`

SignResult is the result of signing a CSR.

type Strategy Uses

type Strategy int

Strategy is the means by which the server to use as a remote should be selected.

func StrategyFromString Uses

func StrategyFromString(s string) Strategy

StrategyFromString takes a string describing a

Package client imports 17 packages (graph) and is imported by 240 packages. Updated 2020-11-15. Refresh now. Tools for package owners.