cert-manager: github.com/jetstack/cert-manager/pkg/webhook/server/tls

package tls

import "github.com/jetstack/cert-manager/pkg/webhook/server/tls"

Index

Package Files

dynamic_source.go file_source.go source.go

Variables

// ErrNotAvailable is the package's sentinel error; its message is
// "no tls.Certificate available".
// NOTE(review): presumably this is what a source returns from GetCertificate
// before it holds a certificate; confirm against source.go. Callers should
// match it with errors.Is rather than by comparing message text.
var ErrNotAvailable = errors.New("no tls.Certificate available")

type CertificateSource Uses

// CertificateSource supplies the serving certificate for a TLS listener and
// declares the lifecycle (Run) and health (Healthy) hooks that go with it.
type CertificateSource interface {
    // GetCertificate returns a Certificate based on the given
    // ClientHelloInfo. It will only be called if the client supplies SNI
    // information or if Certificates is empty.
    //
    // If GetCertificate is nil or returns nil, then the certificate is
    // retrieved from NameToCertificate. If NameToCertificate is nil, the
    // first element of Certificates will be used.
    //
    // The signature matches the GetCertificate callback field of
    // crypto/tls.Config. Certificates and NameToCertificate above are fields
    // of that Config, not members of this interface.
    // NOTE(review): the fallback only helps when the tls.Config also carries
    // static certificates. If the source is the sole provider, a returned
    // error presumably aborts the handshake; confirm against the server
    // wiring.
    GetCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error)

    // Run will start the certificate source.
    // This may include setting up watches on certificate stores, or any other
    // kind of background operation.
    // The Run function should return when stopCh is closed, and may return an
    // error if an irrecoverable error occurs whilst running.
    Run(stopCh <-chan struct{}) error

    // Healthy can be used to check the status of the CertificateSource.
    // It will return true if the source has a certificate available.
    // NOTE(review): as documented this reports availability only. Nothing
    // here says it checks expiry or chain validity; confirm before treating
    // it as a readiness signal for a serving certificate.
    Healthy() bool
}

type DynamicSource Uses

// DynamicSource is configured with the DNS names to place on the certificates
// it produces and the authority that signs them.
type DynamicSource struct {
    // DNSNames that will be set on certificates this source produces.
    // NOTE(review): presumably these must cover every hostname clients use to
    // reach the server, otherwise hostname verification fails; confirm
    // against the deployment's Service names.
    DNSNames []string

    // The authority used to sign certificate templates.
    // NOTE(review): clients have to trust this authority's CA for the
    // generated certificates to verify. How that CA is distributed is not
    // shown in this declaration.
    Authority *authority.DynamicAuthority

    // Log is an optional logger to write informational and error messages to.
    // If not specified, no messages will be logged.
    Log logr.Logger
    // contains filtered or unexported fields
}

DynamicSource provides certificate data for a golang HTTP server by automatically generating certificates using an authority.SignFunc.

func (*DynamicSource) GetCertificate Uses

func (f *DynamicSource) GetCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error)

func (*DynamicSource) Healthy Uses

func (f *DynamicSource) Healthy() bool

func (*DynamicSource) Run Uses

func (f *DynamicSource) Run(stopCh <-chan struct{}) error

type FileCertificateSource Uses

// FileCertificateSource is configured with on-disk certificate and key paths
// plus the polling interval and failure budget used when re-reading them.
type FileCertificateSource struct {
    // CertPath is the path to the TLS certificate.
    // This file will be read periodically and will be used as the certificate
    // for TLS connections.
    CertPath string

    // KeyPath is the path to the private key.
    // This file will be read periodically and will be used as the private key
    // for TLS connections.
    // NOTE(review): the file holds private key material. Nothing in this
    // declaration enforces ownership or permissions on it, so read access
    // to the path has to be restricted by the deployment; confirm.
    KeyPath string

    // UpdateInterval is how often the CertPath and KeyPath will be checked for
    // changes.
    // If not specified, a default of 10s will be used.
    // NOTE(review): a rotated or replaced certificate is presumably served
    // only after the next check, so this bounds how long stale key material
    // stays in use; confirm in file_source.go.
    UpdateInterval time.Duration

    // MaxFailures is the maximum number of times a failure to read data from
    // disk should be allowed before treating it as fatal.
    // If not specified, a default of 12 will be used.
    // NOTE(review): with both defaults this is roughly two minutes of failed
    // reads, assuming one attempt per UpdateInterval. Whether the count is
    // consecutive or cumulative is not stated here; confirm.
    MaxFailures int

    // Log is an optional logger to write informational and error messages to.
    // If not specified, no messages will be logged.
    Log logr.Logger
    // contains filtered or unexported fields
}

FileCertificateSource provides certificate data for a golang HTTP server by reloading data on disk periodically.

func (*FileCertificateSource) GetCertificate Uses

func (f *FileCertificateSource) GetCertificate(*tls.ClientHelloInfo) (*tls.Certificate, error)

func (*FileCertificateSource) Healthy Uses

func (f *FileCertificateSource) Healthy() bool

func (*FileCertificateSource) Run Uses

func (f *FileCertificateSource) Run(stopCh <-chan struct{}) error

Package tls imports 16 packages and is imported by 2 packages. Updated 2020-08-05.