
package authority

import ""

Package authority provides an in-process TLS certificate authority, useful for creating and distributing TLS certificates for mutually authenticated HTTPS networking within Bigmachine.


const DriftMargin = time.Minute

DriftMargin is the amount of acceptable clock drift during certificate issuing and verification.

type T

type T struct {
    // contains filtered or unexported fields
}

A T is a TLS certificate authority which can issue client and server certificates and provide configuration for HTTPS clients.

func New

func New(filename string) (*T, error)

New creates a new certificate authority, reading the PEM-encoded certificate and private key from the provided path. If the path does not exist, newCA instead creates a new certificate authority and stores it at the provided path. If path is empty, the authority is ephemeral.

func (*T) Cert

func (c *T) Cert() *x509.Certificate

Cert returns the authority's x509 certificate.

func (*T) HTTPSConfig

func (c *T) HTTPSConfig() (client, server *tls.Config, err error)

HTTPSConfig returns client and server TLS configs based on newly issued TLS certificates from this CA.

func (*T) Issue

func (c *T) Issue(cn string, ttl time.Duration, ips []net.IP, dnss []string) ([]byte, *rsa.PrivateKey, error)

Issue issues a new certificate out of this CA with the provided common name, ttl, ips, and DNSes.
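How a drift margin interacts with issuance and verification, as an added example built only on the Go standard library. It is not code from this package: backdating NotBefore by the margin is an assumed policy, and `sign`, `verifySkewed`, `demo-ca` and `worker.internal` are hypothetical names.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

const driftMargin = time.Minute // same value as the documented DriftMargin
// sign issues tmpl under parent (self-signed when parent is nil) with a fresh RSA key.
func sign(tmpl, parent *x509.Certificate, parentKey *rsa.PrivateKey) (cert *x509.Certificate, key *rsa.PrivateKey, err error) {
	if key, err = rsa.GenerateKey(rand.Reader, 2048); err != nil {
		return nil, nil, err
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err = x509.ParseCertificate(der)
	return cert, key, err
}

// verifySkewed issues a 1h cert from a throwaway CA and verifies it for dnsName as a peer whose clock reads now+skew.
func verifySkewed(skew time.Duration, dnsName string) error {
	now := time.Now()
	ca, caKey, err := sign(&x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "demo-ca"},
		NotBefore: now.Add(-driftMargin), NotAfter: now.Add(24 * time.Hour), IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}, nil, nil)
	if err != nil {
		return err
	}
	// Assumed policy: backdate NotBefore by driftMargin so a peer with a lagging clock accepts a fresh cert.
	leaf, _, err := sign(&x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "worker"},
		NotBefore: now.Add(-driftMargin), NotAfter: now.Add(time.Hour), DNSNames: []string{"worker.internal"},
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}}, ca, caKey)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: dnsName, CurrentTime: now.Add(skew)})
	return err
}

func main() { fmt.Println(verifySkewed(-30*time.Second, "worker.internal")) }
```

A peer 30 seconds behind the issuer accepts the certificate, one two minutes behind rejects it as not yet valid, and a name outside the SAN list fails regardless of clock.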

Package authority imports 13 packages and is imported by 2 packages. Updated 2019-10-02.