Documentation
Overview
Package gencert generates a certificate authority (CA) and a server certificate signed by it.
Index
- Constants
- func DoesCertAlreadyExist(certPath string) (bool, error)
- func GenerateCA(now time.Time, caCertPath string) (*x509.Certificate, *ecdsa.PrivateKey, error)
- func GenerateCertificate(req *CertReq) (*x509.Certificate, []byte, error)
- func GenerateServerCerts(hostnames []string, caPath, certPath, keyPath string) (existingCert bool, err error)
- type CertReq
Constants
const (
	CaOrganization      = "F5 Inc. CA"
	CertOrganization    = "F5 Inc."
	CertFilePermissions = 0o600
	KeyFilePermissions  = 0o600
)
Predefined constants for the organization names and file permissions.
Variables
This section is empty.
Functions
func DoesCertAlreadyExist
func DoesCertAlreadyExist(certPath string) (bool, error)
DoesCertAlreadyExist returns true if a valid certificate is found at certPath.
func GenerateCA
func GenerateCA(now time.Time, caCertPath string) (*x509.Certificate, *ecdsa.PrivateKey, error)
GenerateCA generates a CA and returns the x509 certificate and the private key for signing server certificates.
func GenerateCertificate
func GenerateCertificate(req *CertReq) (*x509.Certificate, []byte, error)
GenerateCertificate returns the x509 certificate object and bytes in PEM format.
func GenerateServerCerts
func GenerateServerCerts(hostnames []string, caPath, certPath, keyPath string) (existingCert bool, err error)
GenerateServerCerts creates a server CA, certificate and key and writes them to the specified destinations. hostnames is a list of subject alternative names. If the certificate files are already present, it does nothing and returns true.
Types
type CertReq
type CertReq struct {
	Template   *x509.Certificate
	Parent     *x509.Certificate
	PublicKey  *ecdsa.PublicKey
	PrivateKey *ecdsa.PrivateKey
}
CertReq contains an ECDSA key pair and two x509.Certificate templates: a server template and a parent. When generating a CA, template and parent are identical, making the CA "self-signed". When generating a server certificate, the `parent` is the CA template and `template` is the server.