acme

package

v0.0.0-...-0f73ca9 Latest Latest Go to latest Published: Feb 3, 2017 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mailgun/roman

Links

Open Source Insights

README ¶

acme

The acme package provides a simple API for requesting certificates from and Automated Certificate Management Environment (ACME) Certificate Authority (CA). You probably don't want to use this directly, instead use roman.CertificateManager.

Example


import (
    "crypto/tls"
    "fmt"
    "net/http"
    "os"

    "github.com/mailgun/roman/acme"
	"github.com/mailgun/roman/challenge"

	golang_acme "golang.org/x/crypto/acme"
)

// create a roman acme client
acmeClient := &Client{
	Directory: acme.LetsEncryptProduction,
	AgreeTOS:  golang_acme.AcceptTOS,
	Email:     "foo@example.com",
	ChallengePerformer: &challenge.Route53{
		Region:           "us-east-1",
		AccessKeyID:      "AK000000000000000000",
		SecretAccessKey:  "a000000000000000000000000000000000000000",
		HostedZoneID:     "Z0000000000000",
		HostedDomainName: "example.com",
		WaitForSync:      true,
	},
}

// go get a certificate for example.com
certificate, err = acmeClient.CertificateForDomain("example.com")
if err != nil {
    fmt.Printf("Unexpected response from CertificateForDomain: %v", err)
    os.Exit(255)
}

// start a server or do whatever you want with the certificate
s := &http.Server{
    Addr: ":https",
    TLSConfig: &tls.Config{Certificates: []tls.Certificate{certificate}},
}
s.ListenAndServeTLS("", "")

Tests

To run tests against a file called .roman.configuration needs to exist the root of the roman repo that contains information needed by the challenge solver. An example configuration file would look like:

Route53-Region=us-east-1
Route53-AccessKeyID=AK000000000000000000
Route53-SecretAccessKey=a000000000000000000000000000000000000000
Route53-HostedZoneID=Z0000000000000
Route53-HostedDomainName=example.com

Documentation ¶

Index ¶

Constants
type CertificateForDomainer
type Client
- func (c *Client) CertificateForDomain(hostname string) (*tls.Certificate, error)

Constants ¶

View Source

const (
	LetsEncryptStaging    = "https://acme-staging.api.letsencrypt.org/directory"
	LetsEncryptProduction = "https://acme-v01.api.letsencrypt.org/directory"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertificateForDomainer ¶

type CertificateForDomainer interface {
	// CertificateForDomain obtains a certificate for a given hostname.
	CertificateForDomain(hostname string) (*tls.Certificate, error)
}

type Client ¶

type Client struct {
	Directory          string
	AgreeTOS           func(tosURL string) bool
	Email              string
	ChallengePerformer challenge.Performer
}

func (*Client) CertificateForDomain ¶

func (c *Client) CertificateForDomain(hostname string) (*tls.Certificate, error)

CertificateForDomain returns a *tls.Certificate for a given hostname.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL