tls

package

v0.9.0 Latest Latest Go to latest Published: Nov 24, 2025 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/apache/skywalking-banyandb

Links

Open Source Insights

Documentation ¶

Overview ¶

Package tls provides common TLS utilities for HTTP and gRPC servers.

Index ¶

func GenerateSelfSignedCert(commonName string, extraDNSNames []string) (certPEM, keyPEM []byte, err error)
type Reloader
- func NewClientCertReloader(certFile string, log *logger.Logger) (*Reloader, error)
- func NewReloader(certFile, keyFile string, log *logger.Logger) (*Reloader, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateSelfSignedCert ¶

func GenerateSelfSignedCert(commonName string, extraDNSNames []string) (certPEM, keyPEM []byte, err error)

GenerateSelfSignedCert creates a new self-signed certificate for testing purposes. It returns the certificate PEM, key PEM, and any error that occurred.

Types ¶

type Reloader ¶

type Reloader struct {
	// contains filtered or unexported fields
}

Reloader manages dynamic reloading of TLS certificates and keys for servers.

func NewClientCertReloader ¶

func NewClientCertReloader(certFile string, log *logger.Logger) (*Reloader, error)

NewClientCertReloader creates a reloader that only monitors a CA certificate without requiring a key. This is useful for client-side certificate verification where only the CA cert is needed.

func NewReloader ¶

func NewReloader(certFile, keyFile string, log *logger.Logger) (*Reloader, error)

NewReloader creates a new TLSReloader instance.

func (*Reloader) GetClientTLSConfig ¶

func (r *Reloader) GetClientTLSConfig(serverName string) (*tls.Config, error)

GetClientTLSConfig returns a TLS config for client-side certificate validation.

func (*Reloader) GetTLSConfig ¶

func (r *Reloader) GetTLSConfig() *tls.Config

GetTLSConfig returns a TLS config using this reloader's certificate.

func (*Reloader) GetUpdateChannel ¶

func (r *Reloader) GetUpdateChannel() <-chan struct{}

GetUpdateChannel returns a channel that will be triggered when a certificate is updated.

func (*Reloader) Start ¶

func (r *Reloader) Start() error

Start begins monitoring the TLS certificate and key files for changes.

func (*Reloader) Stop ¶

func (r *Reloader) Stop()

Stop gracefully stops the TLS reloader.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL