truststore

package module
v1.4.4-lib Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 29, 2022 License: BSD-3-Clause, MIT Imports: 36 Imported by: 2

README

truststore

trustore is a fork of mkcert which provides a very lightweight library API for making locally-trusted development certificates. It requires no configuration.

See lib.go for details of the public API methods provided.

Supported root stores

truststore supports the following root stores:

  • macOS system store
  • Windows system store
  • Linux variants that provide either
    • update-ca-trust (Fedora, RHEL, CentOS) or
    • update-ca-certificates (Ubuntu, Debian, OpenSUSE, SLES) or
    • trust (Arch)
  • Firefox (macOS and Linux only)
  • Chrome and Chromium
  • Java (when JAVA_HOME is set)

For more information and detailed documentation on the internals, see the mkcert documentation.

License

Library API made available under the terms of the MIT license.

Based on mkcert, (c) mkcert authors (BSD-3-Clause)

Documentation

Overview

Command mkcert is a simple zero-config tool to make development certificates.

Index

Constants

This section is empty.

Variables

View Source 
var (
	FirefoxProfiles = []string{os.Getenv("HOME") + "/.mozilla/firefox/*",
		os.Getenv("HOME") + "/snap/firefox/common/.mozilla/firefox/*"}
	NSSBrowsers = "Firefox and/or Chrome/Chromium"

	SystemTrustFilename string
	SystemTrustCommand  []string
	CertutilInstallHelp string
)
View Source 
var Print = false

Print controls whether or not log messages should be printed.

As `mkcert` is originally a cli-based tool, there are verbose print statements littered throughout. For library usage, we want to silence them by default, but it may be useful to re-enable under some conditions.

View Source 
var Version string

Version can be set at link time to override debug.BuildInfo.Main.Version, which is "(devel)" when building from within the module. See golang.org/issue/29814 and golang.org/issue/29228.

Functions

func GetCAROOT 

func GetCAROOT() string

GetCAROOT returns the computed CAROOT path. See `getCAROOT` for search order.

Types

type Cert 

type Cert struct {
	CertFile string
	KeyFile  string
}

func (Cert) Exists 

func (c Cert) Exists() bool

Exists returns true if both the CertFile and KeyFile exist

type MkcertLib 

type MkcertLib struct {
	// contains filtered or unexported fields
}

func NewLib 

func NewLib() (mlib *MkcertLib, err error)

NewLib initializes a new instance of MkcertLib. It will automatically initialize a new CA, as needed, however it will *not* install it in the system.

Since output is silenced by default, in order to troubleshoot errors while creating a new CA or loading an existing one, it may be useful to run twice if an error is returned, like so:

ml, err := truststore.NewLib() 

if err != nil {
	truststore.Print = true
	truststore.NewLib()
	// handle err...
}

func (*MkcertLib) CertFile 

func (ml *MkcertLib) CertFile(hosts []string, targetOutputPath string) (cert Cert, err error)

CertFile generates the output filenames for the given host(s)

func (*MkcertLib) Install 

func (ml *MkcertLib) Install() (err error)

Install the CA into the system trust stores

func (*MkcertLib) MakeCert 

func (ml *MkcertLib) MakeCert(hosts []string, targetOutputPath string) (cert Cert, err error)

MakeCert with the given host names.

All names must be valid hostnames or IP addresses. See `validateHosts`.

*NOTE* A single cert will be created which is valid for all given hosts. To 

create multiple files, call this method once per host.

func (*MkcertLib) Uninstall 

func (ml *MkcertLib) Uninstall() (err error)

Uninstall the CA from the system trust stores

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.