tlscert

package
v1.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 16, 2026 License: MIT Imports: 14 Imported by: 0

Documentation

Overview

Package tlscert generates a self-signed TLS certificate + key so the server can serve HTTPS without external tooling (the `dockercmd --make-certs` action). For public hosts, use a real CA / ACME instead.

Index

Constants

View Source 
const Validity = 397 * 24 * time.Hour

Validity is how long a generated self-signed certificate is valid for. It is kept under the 398-day ceiling that Apple/Chrome enforce for TLS server certs (they reject longer-lived leaves even when the cert is manually trusted).

Variables

This section is empty.

Functions

func GenerateSelfSigned 

func GenerateSelfSigned(hosts []string) (certPEM, keyPEM []byte, err error)

GenerateSelfSigned returns PEM-encoded certificate and private key for an ECDSA P-256 self-signed certificate covering the given hosts (DNS names and/or IP addresses), plus localhost / 127.0.0.1 / ::1.

func WriteCertPair 

func WriteCertPair(dir string, certPEM, keyPEM []byte) (certPath, keyPath string, err error)

WriteCertPair writes the cert (0644) and key (0600) into dir (created 0700 if needed) and returns their paths. The private key is never group/world-readable even if the file already existed.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.