certhelper

package

v0.32.2 Latest Latest Go to latest Published: Apr 14, 2026 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/loft-sh/vcluster

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func EncodeCertPEM(cert *x509.Certificate) []byte
func IsCertExpired(cert *x509.Certificate) bool
func MakeEllipticPrivateKeyPEM() ([]byte, error)
func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)
func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)
func ParsePrivateKeyPEM(keyData []byte) (interface{}, error)
type AltNames
type Config

Constants ¶

View Source

const (
	// ECPrivateKeyBlockType is a possible value for pem.Block.Type.
	ECPrivateKeyBlockType = "EC PRIVATE KEY"
	// RSAPrivateKeyBlockType is a possible value for pem.Block.Type.
	RSAPrivateKeyBlockType = "RSA PRIVATE KEY"
	// PrivateKeyBlockType is a possible value for pem.Block.Type.
	PrivateKeyBlockType = "PRIVATE KEY"
	// PublicKeyBlockType is a possible value for pem.Block.Type.
	PublicKeyBlockType = "PUBLIC KEY"
	// CertificateBlockType is a possible value for pem.Block.Type.
	CertificateBlockType = "CERTIFICATE"
	// CertificateRequestBlockType is a possible value for pem.Block.Type.
	CertificateRequestBlockType = "CERTIFICATE REQUEST"
)

View Source

const (
	// DefaultCertDuration is the default validity period for signed certificates.
	DefaultCertDuration = time.Hour * 24 * 365
)

Variables ¶

This section is empty.

Functions ¶

func EncodeCertPEM ¶

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-endcoded certificate data

func IsCertExpired ¶

func IsCertExpired(cert *x509.Certificate) bool

IsCertExpired checks if the certificate about to expire

func MakeEllipticPrivateKeyPEM ¶

func MakeEllipticPrivateKeyPEM() ([]byte, error)

MakeEllipticPrivateKeyPEM creates an ECDSA private key

func NewSignedCert ¶

func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func ParseCertsPEM ¶

func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)

ParseCertsPEM returns the x509.Certificates contained in the given PEM-encoded byte array Returns an error if a certificate could not be parsed, or if the data does not contain any certificates

func ParsePrivateKeyPEM ¶

func ParsePrivateKeyPEM(keyData []byte) (interface{}, error)

ParsePrivateKeyPEM returns a private key parsed from a PEM block in the supplied data. Recognizes PEM blocks for "EC PRIVATE KEY", "RSA PRIVATE KEY", or "PRIVATE KEY"

Types ¶

type AltNames ¶

type AltNames struct {
	DNSNames []string
	IPs      []net.IP
}

AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.

type Config ¶

type Config struct {
	CommonName   string
	Organization []string
	AltNames     AltNames
	Usages       []x509.ExtKeyUsage
	// Duration overrides the certificate validity period. If zero, DefaultCertDuration is used.
	Duration time.Duration
}

Config contains the basic fields required for creating a certificate

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL