x: within.website/x/localca Index | Files

package localca

import "within.website/x/localca"

Package localca uses an autocert.Cache to store and generate TLS certificates for domains on demand.

This is kind of powerful, and as such it is limited to only generate certificates as subdomains of a given domain.

The design and implementation of this is kinda stolen from minica[1].

[1]: https://github.com/jsha/minica


Package Files

doc.go legal.go localca.go minica.go utils.go


var (
    ErrBadData                = errors.New("localca: certificate data is bad")
    ErrDomainDoesntHaveSuffix = errors.New("localca: domain doesn't have the given suffix")

type Manager Uses

type Manager struct {
    Cache        autocert.Cache
    DomainSuffix string
    // contains filtered or unexported fields

Manager automatically provisions and caches TLS certificates in a given autocert Cache. If it cannot fetch a certificate on demand, the certificate is dynamically generated with a lifetime of 100 years, which should be good enough.

func New Uses

func New(keyFile, certFile, suffix string, cache autocert.Cache) (Manager, error)

New creates a new Manager with the given key filename, certificate filename, allowed domain suffix and autocert cache. All given certificates will be created if they don't already exist.

func (Manager) GetCertificate Uses

func (m Manager) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error)

Package localca imports 24 packages (graph). Updated 2019-06-07. Refresh now. Tools for package owners.