encryptomatic: lukegb.com/encryptomatic Index | Files | Directories

package encryptomatic

import "lukegb.com/encryptomatic"

Package encryptomatic handles granting SSL certificates via ACME to devices which may not natively support that.

Index

Package Files

encryptomatic.go registry.go

func RegisterInstaller Uses

func RegisterInstaller(name string, installer InstallerFactory)

func RegisterVerifier Uses

func RegisterVerifier(name string, verifier VerifierFactory)

type CSRGenerator Uses

type CSRGenerator interface {
    GenerateCSR(ctx context.Context) (*x509.CertificateRequest, error)
}

CSRGenerator represents an endpoint which can generate its own certificate request/private key pair.

type CertificateRequest Uses

type CertificateRequest struct {
    // Targets are the target devices which this certificate should be installed on.
    Targets []Installer

    // Names are the domains which this certificate should be requested for.
    Names []string

    // Key is the private key to use to sign the request. If nil, a private key will be generated.
    Key crypto.PrivateKey

    // Request is the pre-generated, pre-signed request. If set, Names and Key will be ignored.
    Request *x509.CertificateRequest
}

CertificateRequest describes a request for a single certificate.

type Encryptomatic Uses

type Encryptomatic struct {
    // Verifiers is a slice of the available verifiers. They should each implement one of the available verification APIs.
    Verifiers []Verifier

    // Client is the acme.Client to use to retrieve certificates.
    // It should already have been registered with the directory, and the Terms-of-Service agreed to.
    Client acmeClient
}

Encryptomatic ties together Verifiers, a Client, and CertificateRequests.

func (*Encryptomatic) Request Uses

func (e *Encryptomatic) Request(ctx context.Context, reqs []CertificateRequest) error

Request requests certificates for the provided CertificateRequests.

type Installer Uses

type Installer interface {
    SetCertificate(ctx context.Context, caBundle []*x509.Certificate, cert *x509.Certificate, privKey crypto.PrivateKey) error
    GetCertificate(ctx context.Context) (*x509.Certificate, error)
}

Installer represents a method of installing a certificate onto a device.

type InstallerFactory Uses

type InstallerFactory func(v *viper.Viper) (Installer, error)

type Registry Uses

type Registry struct {
    // contains filtered or unexported fields
}
var (
    DefaultRegistry *Registry = nil
)

func (*Registry) Installer Uses

func (r *Registry) Installer(name string, v *viper.Viper) (Installer, error)

func (*Registry) Verifier Uses

func (r *Registry) Verifier(name string, v *viper.Viper) (Verifier, error)

type Verifier Uses

type Verifier interface {
    CanVerify(ctx context.Context, name string) (bool, error)
}

Verifier represents a method of asserting control over a domain. They should implement one of the more-specific interfaces, such as VerifierDNS01.

type VerifierDNS01 Uses

type VerifierDNS01 interface {
    Verifier
    VerifyDNS01Record(ctx context.Context, name, value string) error
}

VerifierDNS01 is a Verifier that supports asserting domain control using the ACME dns-01 method (i.e. the creation of a TXT record).

type VerifierFactory Uses

type VerifierFactory func(v *viper.Viper) (Verifier, error)

Directories

PathSynopsis
encryptoutilPackage encryptoutil provides some useful X.509 utilities.

Package encryptomatic imports 15 packages (graph). Updated 2017-08-20. Refresh now. Tools for package owners.