Documentation
Overview
The backend package contains the various options for storing the actual private keys. Currently only a file backend is supported.
Constants
This section is empty.
Variables
var ErrAlreadyStarted = errors.New("certificate monitor already started")
ErrAlreadyStarted is returned when Start is called on an already running monitor.
var ErrInvalidDuration = errors.New("given time period is invalid")
ErrInvalidDuration is given when a period duration is 0 or negative.
var ErrNotFound = errors.New("entry not found")
ErrNotFound indicates that the specified crypto storage entry couldn't be found.
Functions
func NewFileSystemBackend
Create a new filesystem backend; all directories will be created for the given path. Using a filesystem backend in production is not recommended!
Types
type CertificateMonitor (added in v0.15.0)
type CertificateMonitor struct {
	// contains filtered or unexported fields
}
CertificateMonitor represents a go procedure which monitors expiring certificates within a given period.
func DefaultCertificateMonitors (added in v0.15.0)
func DefaultCertificateMonitors(storage Storage) []*CertificateMonitor
DefaultCertificateMonitors returns 3 CertificateMonitors with the following periods: 1 day, 1 week and 4 weeks.
func (*CertificateMonitor) Start (added in v0.15.0)
func (cm *CertificateMonitor) Start() error
Start the certificate monitor for checking expiring certificates between now and the configured period.
func (*CertificateMonitor) Stop (added in v0.15.0)
func (cm *CertificateMonitor) Stop()
Stop the certificate monitor.
type FileOpenError
type FileOpenError struct {
	// contains filtered or unexported fields
}
func (*FileOpenError) Error
func (f *FileOpenError) Error() string
Error returns the string representation.
func (*FileOpenError) Unwrap
func (f *FileOpenError) Unwrap() error
Unwrap is needed for FileOpenError to be unwrapped.
type Storage
type Storage interface {
	GetPrivateKey(key types.KeyIdentifier) (*rsa.PrivateKey, error)
	GetPublicKey(key types.KeyIdentifier) (*rsa.PublicKey, error)
	PrivateKeyExists(key types.KeyIdentifier) bool
	SavePrivateKey(keyIdentifier types.KeyIdentifier, key *rsa.PrivateKey) error
	SaveCertificate(key types.KeyIdentifier, certificate []byte) error
	GetCertificate(key types.KeyIdentifier) (*x509.Certificate, error)
	CertificateExists(key types.KeyIdentifier) bool
	// GetExpiringCertificates lists all certificates that will expire between given times.
	// Till must be > from, otherwise an error is returned.
	GetExpiringCertificates(from time.Time, till time.Time) ([]*x509.Certificate, error)
}
Storage is the interface containing functions for storing and retrieving keys.
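The expiry-window contract documented for GetExpiringCertificates, applied to the three periods of DefaultCertificateMonitors, as an added sketch that is not the package's own code. The names errInvalidWindow, expiringBetween and sampleCerts and the half-open [from, till) boundary are assumptions of this sketch; the certificates are constructed and unsigned.

```go
package main

import (
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"time"
)

// Hypothetical error: the page does not name the error returned when till <= from.
var errInvalidWindow = errors.New("till must be after from")

// Periods the page lists for DefaultCertificateMonitors: 1 day, 1 week, 4 weeks.
var defaultPeriods = []time.Duration{24 * time.Hour, 7 * 24 * time.Hour, 28 * 24 * time.Hour}

// expiringBetween keeps certificates with NotAfter in [from, till).
// The half-open boundary is an assumption; the page only says "between".
func expiringBetween(certs []*x509.Certificate, from, till time.Time) ([]*x509.Certificate, error) {
	if !till.After(from) {
		return nil, errInvalidWindow
	}
	var out []*x509.Certificate
	for _, c := range certs {
		if !c.NotAfter.Before(from) && c.NotAfter.Before(till) {
			out = append(out, c)
		}
	}
	return out, nil
}

// sampleCerts builds constructed, unsigned certificates; only NotAfter matters here.
func sampleCerts(now time.Time) []*x509.Certificate {
	var certs []*x509.Certificate
	for i, h := range []int{-1, 12, 72, 480, 2160} { // hours until expiry
		certs = append(certs, &x509.Certificate{
			Subject:  pkix.Name{CommonName: fmt.Sprintf("sample-%d", i)},
			NotAfter: now.Add(time.Duration(h) * time.Hour)})
	}
	return certs
}

func main() {
	now := time.Now()
	for _, p := range defaultPeriods {
		hits, err := expiringBetween(sampleCerts(now), now, now.Add(p))
		fmt.Println(p, len(hits), err)
	}
}
```

In this sketch a certificate that has already expired falls outside every window that starts at now, so it needs its own check.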