cert_manager

package

v0.29.3 Latest Latest Go to latest Published: Mar 7, 2024 License: MIT Imports: 31 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rekby/lets-proxy2

Links

Open Source Insights

Documentation ¶

Index ¶

type AcmeClient
type AcmeClientManager
type CertDescription
- func CertDescriptionFromDomain(domain domain.DomainName, keyType KeyType, autoSubDomains []string) CertDescription
type DomainChecker
type GetContext
type KeyType
- func (t KeyType) Generate() (crypto.Signer, error)
- func (t KeyType) String() string
type Manager
- func New(acmeClientManager AcmeClientManager, c cache.Bytes, r prometheus.Registerer) *Manager
- func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (resultCert *tls.Certificate, err error)
- func (m *Manager) HandleHTTPValidation(w http.ResponseWriter, r *http.Request) bool

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AcmeClient ¶ added in v0.20.2

type AcmeClient interface {
	Accept(ctx context.Context, chal *acme.Challenge) (*acme.Challenge, error)
	AuthorizeOrder(ctx context.Context, id []acme.AuthzID, opt ...acme.OrderOption) (*acme.Order, error)
	CreateOrderCert(ctx context.Context, url string, csr []byte, bundle bool) (der [][]byte, certURL string, err error)
	GetAuthorization(ctx context.Context, url string) (*acme.Authorization, error)
	HTTP01ChallengeResponse(token string) (string, error)
	RevokeAuthorization(ctx context.Context, url string) error
	TLSALPN01ChallengeCert(token, domain string, opt ...acme.CertOption) (cert tls.Certificate, err error)
	WaitAuthorization(ctx context.Context, url string) (*acme.Authorization, error)
	WaitOrder(ctx context.Context, url string) (*acme.Order, error)
}

type AcmeClientManager ¶ added in v0.26.1

type AcmeClientManager interface {
	Close() error
	GetClient(ctx context.Context) (client *acme.Client, clientDisableFunc func(), err error)
}

type CertDescription ¶ added in v0.23.7

type CertDescription struct {
	MainDomain string
	KeyType    KeyType
	Subdomains []string
}

func CertDescriptionFromDomain ¶ added in v0.23.7

func CertDescriptionFromDomain(domain domain.DomainName, keyType KeyType, autoSubDomains []string) CertDescription

func (CertDescription) CertStoreName ¶ added in v0.23.7

func (n CertDescription) CertStoreName() string

func (CertDescription) DomainNames ¶ added in v0.23.7

func (n CertDescription) DomainNames() []domain.DomainName

func (CertDescription) KeyStoreName ¶ added in v0.23.7

func (n CertDescription) KeyStoreName() string

func (CertDescription) LockName ¶ added in v0.23.7

func (n CertDescription) LockName() string

func (CertDescription) MetaStoreName ¶ added in v0.23.7

func (n CertDescription) MetaStoreName() string

func (CertDescription) String ¶ added in v0.23.7

func (n CertDescription) String() string

func (CertDescription) ZapField ¶ added in v0.23.7

func (n CertDescription) ZapField() zap.Field

type DomainChecker ¶ added in v0.20.2

type DomainChecker interface {
	// IsDomainAllowed called for check domain for allow certificate
	// It can call concurrency for many domains same time
	// guarantee about domain will correct domain name (as minimum for character set)
	IsDomainAllowed(ctx context.Context, domain string) (bool, error)
}

type GetContext ¶

type GetContext interface {
	GetContext() context.Context
}

type KeyType ¶ added in v0.23.7

type KeyType string

const KeyECDSA KeyType = "ecdsa"

const KeyRSA KeyType = "rsa"

func (KeyType) Generate ¶ added in v0.23.7

func (t KeyType) Generate() (crypto.Signer, error)

func (KeyType) String ¶ added in v0.23.7

func (t KeyType) String() string

type Manager ¶

type Manager struct {
	CertificateIssueTimeout time.Duration
	Cache                   cache.Bytes

	// Subdomains, auto-issued with main domain.
	// Every subdomain must have suffix dot. For example: "www."
	AutoSubdomains []string

	DomainChecker           DomainChecker
	EnableHTTPValidation    bool
	EnableTLSValidation     bool
	SaveJSONMeta            bool
	AllowECDSACert          bool
	AllowRSACert            bool
	AllowInsecureTLSChipers bool
	// contains filtered or unexported fields
}

Manager interface inspired to https://godoc.org/golang.org/x/crypto/acme/autocert#Manager but not compatible guarantee

func New ¶

func New(acmeClientManager AcmeClientManager, c cache.Bytes, r prometheus.Registerer) *Manager

func (*Manager) GetCertificate ¶

func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (resultCert *tls.Certificate, err error)

GetCertificate implements the tls.Config.GetCertificate hook.

func (*Manager) HandleHTTPValidation ¶ added in v0.21.0

func (m *Manager) HandleHTTPValidation(w http.ResponseWriter, r *http.Request) bool

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL