Documentation
Index ¶
- Constants
- Variables
- func CheckAndLoadOrGenerateRootCertificate(addThumbPrintToName bool, commonName, country, organization string, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func CheckAndLoadOrGenerateWebServerCertificate(rootCert CertAndKeyType, addThumbPrintToName bool, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func GenerateRootCertificate(addThumbPrintToName bool, commonName, country, organization string, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func IssueWebServerCertificate(rootCert CertAndKeyType, addThumbPrintToName bool, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func LoadCertificateFromFile(certPath, keyPath string) (*x509.Certificate, *rsa.PrivateKey, error)
- func LoadCertificateFromStore(store security.Storager, name string) (*x509.Certificate, *rsa.PrivateKey, error)
- func LoadOrGenerateRootCertificateWithVault(store security.Storager, addThumbPrintToName bool, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func LoadOrGenerateWebServerCertificateWithVault(store security.Storager, rootCert CertAndKeyType, addThumbPrintToName bool, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func ParseCertificateFromPEM(certPEM, keyPEM string) (*x509.Certificate, *rsa.PrivateKey, error)
- func SaveCertificateToStore(store security.Storager, name string, cert *x509.Certificate, ...) error
- type CertAndKeyType
- type ObjectStorager
Constants ¶
const (
	// RootCertPath is the path of the PEM file for the root certificate.
	RootCertPath = "config/root_cert.pem"
	// RootKeyPath is the path of the PEM file for the root private key.
	// NOTE(review): the path is relative, so it presumably resolves against the
	// process working directory; confirm that the key file is created with
	// owner-only permissions and is kept out of version control and backups
	// that are readable more widely than the key should be.
	RootKeyPath = "config/root_key.pem"
)
Certificate file path constants.
Variables ¶
// Compare against these values with errors.Is, which also matches when the
// error has been wrapped. Which functions return each error is not shown
// here; verify against the callers.
var (
	// ErrCertFieldNotFound signals that a secret has no cert field.
	ErrCertFieldNotFound = errors.New("cert field not found in secret")
	// ErrKeyFieldNotFound signals that a secret has no key field.
	ErrKeyFieldNotFound = errors.New("key field not found in secret")
	// ErrStoreNotObjectStorage signals that a store does not support object storage.
	ErrStoreNotObjectStorage = errors.New("store does not support object storage")
	// ErrDecodeCertificatePEM signals that certificate PEM data could not be decoded.
	ErrDecodeCertificatePEM = errors.New("failed to decode certificate PEM")
	// ErrDecodePrivateKeyPEM signals that private key PEM data could not be decoded.
	ErrDecodePrivateKeyPEM = errors.New("failed to decode private key PEM")
	// ErrCertFilesNotFound signals that certificate files were not found.
	ErrCertFilesNotFound = errors.New("certificate files not found")
)
Sentinel errors for certificate operations.
Functions ¶
func CheckAndLoadOrGenerateRootCertificate ¶
func CheckAndLoadOrGenerateRootCertificate(addThumbPrintToName bool, commonName, country, organization string, strong bool) (*x509.Certificate, *rsa.PrivateKey, error)
CheckAndLoadOrGenerateRootCertificate checks if root certificate files exist, loads them if they do, or generates new ones if they don't.
func CheckAndLoadOrGenerateWebServerCertificate ¶
func CheckAndLoadOrGenerateWebServerCertificate(rootCert CertAndKeyType, addThumbPrintToName bool, commonName, country, organization string, strong bool) (*x509.Certificate, *rsa.PrivateKey, error)
CheckAndLoadOrGenerateWebServerCertificate checks if web server certificate files exist, loads them if they do, or generates new ones if they don't.
func GenerateRootCertificate ¶
func GenerateRootCertificate(addThumbPrintToName bool, commonName, country, organization string, strong bool) (*x509.Certificate, *rsa.PrivateKey, error)
func IssueWebServerCertificate ¶
func IssueWebServerCertificate(rootCert CertAndKeyType, addThumbPrintToName bool, commonName, country, organization string, strong bool) (*x509.Certificate, *rsa.PrivateKey, error)
func LoadCertificateFromFile ¶
func LoadCertificateFromFile(certPath, keyPath string) (*x509.Certificate, *rsa.PrivateKey, error)
LoadCertificateFromFile loads a certificate and private key from PEM files.
func LoadCertificateFromStore ¶
func LoadCertificateFromStore(store security.Storager, name string) (*x509.Certificate, *rsa.PrivateKey, error)
LoadCertificateFromStore loads a certificate and private key from a security.Storager. If the store implements ObjectStorager, the certificate and key are read from the cert and key fields of a single stored object. Path: certs/{name}.
func LoadOrGenerateRootCertificateWithVault ¶
func LoadOrGenerateRootCertificateWithVault(store security.Storager, addThumbPrintToName bool, commonName, country, organization string, strong bool) (*x509.Certificate, *rsa.PrivateKey, error)
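LoadOrGenerateRootCertificateWithVault attempts to load the root certificate from Vault first, falls back to local files, and generates new certificates if neither exists. When a new certificate is generated, it is stored in Vault (if available) and locally. The certificate is stored at: {basePath}/certs/root. Because the function also returns the private key and local files serve as a fallback source, the local copy (presumably including the key at RootKeyPath) needs the same protection as the Vault entry.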
func LoadOrGenerateWebServerCertificateWithVault ¶
func LoadOrGenerateWebServerCertificateWithVault(store security.Storager, rootCert CertAndKeyType, addThumbPrintToName bool, commonName, country, organization string, strong bool) (*x509.Certificate, *rsa.PrivateKey, error)
LoadOrGenerateWebServerCertificateWithVault attempts to load the web server certificate from Vault first, falls back to local files, and generates new certificates if neither exists. When a new certificate is generated, it is stored in Vault (if available) and locally. Certificate is stored at: {basePath}/certs/webserver-{commonName}.
func ParseCertificateFromPEM ¶
func ParseCertificateFromPEM(certPEM, keyPEM string) (*x509.Certificate, *rsa.PrivateKey, error)
ParseCertificateFromPEM parses PEM-encoded certificate and key strings.
func SaveCertificateToStore ¶
func SaveCertificateToStore(store security.Storager, name string, cert *x509.Certificate, key *rsa.PrivateKey) error
SaveCertificateToStore saves a certificate and private key to a security.Storager. If the store implements ObjectStorager, certificates are stored as {cert, key} fields. Path: certs/{name}.
Types ¶
type CertAndKeyType ¶
// CertAndKeyType pairs an X.509 certificate with an RSA private key.
type CertAndKeyType struct {
	// Cert is the X.509 certificate.
	Cert *x509.Certificate
	// Key is the RSA private key, presumably the one matching Cert; the type
	// itself does not enforce that the two belong together.
	// NOTE(review): values of this type carry private key material, so avoid
	// logging or serialising them.
	Key *rsa.PrivateKey
}