cfssl: Index | Files | Directories

package ca

import ""

Package ca provides the CertificateAuthority interface for the transport package, which provides an interface to get a CSR signed by some certificate authority.


Package Files

cert_provider.go cfssl_provider.go


var ErrNoAuth = errors.New("transport: authentication is required for non-local remotes")

ErrNoAuth is returned when a client is talking to a CFSSL remote that is not on a loopback address and doesn't have an authentication provider set.

type CFSSL Uses

type CFSSL struct {
    Profile       string
    Label         string
    DefaultRemote client.Remote
    DefaultAuth   config.AuthKey
    // contains filtered or unexported fields

CFSSL provides support for signing certificates via CFSSL.

func NewCFSSLProvider Uses

func NewCFSSLProvider(id *core.Identity, defaultRemote client.Remote) (*CFSSL, error)

NewCFSSLProvider takes the configuration information from an Identity (and an optional default remote), returning a CFSSL instance. There should be a profile in id called "cfssl", which should contain label and profile fields as needed.

func (*CFSSL) CACertificate Uses

func (cap *CFSSL) CACertificate() ([]byte, error)

CACertificate returns the certificate for a CFSSL CA.

func (*CFSSL) SignCSR Uses

func (cap *CFSSL) SignCSR(csrPEM []byte) (cert []byte, err error)

SignCSR requests a certificate from a CFSSL signer.

type CertificateAuthority Uses

type CertificateAuthority interface {
    // SignCSR submits a PKCS #10 certificate signing request to a
    // CA for signing.
    SignCSR(csrPEM []byte) (cert []byte, err error)

    // CACertificate returns the certificate authority's
    // certificate.
    CACertificate() (cert []byte, err error)

A CertificateAuthority is capable of signing certificates given certificate signing requests.


localcaPackage localca implements a localca that is useful for testing the transport package.

Package ca imports 14 packages (graph) and is imported by 52 packages. Updated 2019-06-29. Refresh now. Tools for package owners.