cert

package

v0.11.4 Latest Latest Go to latest Published: Aug 9, 2023 License: MPL-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hashicorp/waypoint

Links

Open Source Insights

Documentation ¶

Overview ¶

Package cert has helpers for managing certificates in our services.

The primary helper is the Cert struct, which manages a single TLS certificate. This has functions for getting a *tls.Config for creating a TLS listener, and automatically watches and reloads on any certificate file changes. It also provides functions for atomic replacement of certificates for zero downtime replacement.

Index ¶

type Cert
- func New(log hclog.Logger, crtPath, keyPath string) (*Cert, error)
- func TestCert(t testing.T) *Cert

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Cert ¶

type Cert struct {
	// contains filtered or unexported fields
}

Cert represents a single certificate.

func New ¶

func New(log hclog.Logger, crtPath, keyPath string) (*Cert, error)

New initializes a certificate from a PEM-encoded certificate and private key written to disk. This loads the initial certificate and sets up file watchers to watch for any changes to reload the certificate.

func TestCert ¶

func TestCert(t testing.T) *Cert

TestCert returns a valid self-signed certificate for testing.

func (*Cert) Close ¶

func (c *Cert) Close() error

Close implements io.Closer. This must be called to properly clean up resources associated with watching for certificate changes.

func (*Cert) GetCertificate ¶

func (c *Cert) GetCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error)

GetCertificate implements the GetCertificate callback for tls.Config and can be used to get the latest certificate at all times.

func (*Cert) Paths ¶

func (c *Cert) Paths() (crt, key string)

Paths returns the paths to the certificate and key that are currently in use.

func (*Cert) Replace ¶

func (c *Cert) Replace(crtPath, keyPath string) error

Replace replaces this certificate with a new path. This is done atomically so active TLS connections are unaffected and new connections will use the new certificate.

func (*Cert) TLSConfig ¶

func (c *Cert) TLSConfig() *tls.Config

TLSConfig returns a TLS configuration struct that can be used that uses this certificate.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL