vault

package

v0.3.0 Latest Latest Go to latest Published: Jan 26, 2019 License: MIT Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jlindsey/certify

Links

Open Source Insights

Documentation ¶

Index ¶

type Issuer
- func FromClient(v *api.Client, role string) *Issuer
- func (v *Issuer) Connect(ctx context.Context) error
- func (v *Issuer) Issue(ctx context.Context, commonName string, conf *certify.CertConfig) (*tls.Certificate, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Issuer ¶

type Issuer struct {
	// URL is the URL of the Vault instance.
	URL *url.URL
	// Token is the Vault secret token that should be used
	// when issuing certificates.
	Token string
	// Role is the Vault Role that should be used
	// when issuing certificates.
	Role string
	// TLSConfig allows configuration of the TLS config
	// used when connecting to the Vault server.
	TLSConfig *tls.Config

	// TimeToLive configures the lifetime of certificates
	// requested from the Vault server.
	TimeToLive time.Duration
	// OtherSubjectAlternativeNames defines custom OID/UTF8-string SANs.
	// The format is the same as OpenSSL: <oid>;<type>:<value> where the only current valid <type> is UTF8.
	OtherSubjectAlternativeNames []string
	// contains filtered or unexported fields
}

Issuer implements the Issuer interface with a Hashicorp Vault PKI Secrets Engine backend.

URL, Token and Role are required.

func FromClient ¶ added in v0.3.0

func FromClient(v *api.Client, role string) *Issuer

FromClient returns an Issuer using the provided Vault API client. Any changes to the issuers properties (such as setting the TTL or adding Other SANS) must be done before using it. The client must have its token configured.

func (*Issuer) Connect ¶

func (v *Issuer) Connect(ctx context.Context) error

Connect connects to Vault. If not called, a connection will be made in the first Issue call.

func (*Issuer) Issue ¶

func (v *Issuer) Issue(ctx context.Context, commonName string, conf *certify.CertConfig) (*tls.Certificate, error)

Issue issues a certificate from the configured Vault backend, establishing a connection if one doesn't already exist.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
proto Package proto is a generated protocol buffer package.	Package proto is a generated protocol buffer package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL