general

package
v2.25.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 3, 2025 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ClientLogger added in v2.25.0

func ClientLogger(logger log.Logger) log.Logger

func NewHTTPClient added in v2.25.0

func NewHTTPClient(config pkgTls.HTTPConfigurer, fileWatcher *fsnotify.Watcher, logger log.Logger, tracerProvider trace.TracerProvider, opts ...SetOption) (*client.Client, error)

Types

type CRLCache added in v2.25.0

type CRLCache struct {
	// contains filtered or unexported fields
}

func NewCRLCache added in v2.25.0

func NewCRLCache(config pkgTls.HTTPConfigurer, fileWatcher *fsnotify.Watcher, logger log.Logger, tracerProvider trace.TracerProvider) (*CRLCache, error)

func (*CRLCache) Close added in v2.25.0

func (c *CRLCache) Close()

func (*CRLCache) GetRevocationList added in v2.25.0

// GetRevocationList returns an x509.RevocationList for the given distribution
// point, or an error.
// NOTE(review): undocumented on this page. The receiver name suggests results
// are cached; document when an entry is refreshed (for example once the
// list's NextUpdate has passed) and how this differs from
// GetRevocationListByHTTP.
func (c *CRLCache) GetRevocationList(ctx context.Context, distributionPoint string) (*x509.RevocationList, error)

func (*CRLCache) GetRevocationListByHTTP added in v2.25.0

// GetRevocationListByHTTP returns an x509.RevocationList for the given
// distribution point, or an error.
// NOTE(review): undocumented on this page. The name suggests the list is
// fetched over HTTP from distributionPoint; document which URL schemes and
// hosts are accepted, whether the response size is bounded, and whether the
// list's signature is checked against the issuer before it is returned.
func (c *CRLCache) GetRevocationListByHTTP(ctx context.Context, distributionPoint string) (*x509.RevocationList, error)

type CertManager

type CertManager struct {
	// contains filtered or unexported fields
}

CertManager holds certificates loaded from the filesystem, which is watched for changes.

func New

func New(config Config, fileWatcher *fsnotify.Watcher, logger log.Logger, tracerProvider trace.TracerProvider, opts ...SetOption) (*CertManager, error)

New creates a certificate manager that watches the filesystem for certificates.

func (*CertManager) Close

func (a *CertManager) Close()

Close ends watching certificates

func (*CertManager) GetCertificateAuthorities

func (a *CertManager) GetCertificateAuthorities() *x509.CertPool

GetCertificateAuthorities returns the certificate authorities as an x509.CertPool.

func (*CertManager) GetClientTLSConfig

func (a *CertManager) GetClientTLSConfig() *tls.Config

GetClientTLSConfig returns tls configuration for clients

func (*CertManager) GetServerTLSConfig

func (a *CertManager) GetServerTLSConfig() *tls.Config

GetServerTLSConfig returns tls configuration for servers

func (*CertManager) VerifyByCRL added in v2.25.0

// VerifyByCRL takes a certificate and a list of distribution points (cdps,
// presumably CRL distribution point URLs; confirm) and returns an error.
// NOTE(review): undocumented on this page. Document what a nil error
// guarantees, and what is returned when cdps is empty or when no list can be
// retrieved: whether the check fails open or fails closed decides how much
// protection revocation checking gives.
func (a *CertManager) VerifyByCRL(ctx context.Context, certificate *x509.Certificate, cdps []string) error

type ClientCertManager added in v2.25.0

type ClientCertManager struct {
	// contains filtered or unexported fields
}

ClientCertManager holds certificates loaded from the filesystem, which is watched for changes.

func NewClientCertManager added in v2.25.0

func NewClientCertManager(config pkgTls.ClientConfig, fileWatcher *fsnotify.Watcher, logger log.Logger, tracerProvider trace.TracerProvider, opts ...SetOption) (*ClientCertManager, error)

NewClientCertManager creates a client certificate manager that watches the filesystem for certificates.

func (*ClientCertManager) Close added in v2.25.0

func (c *ClientCertManager) Close()

Close ends watching certificates

func (*ClientCertManager) GetTLSConfig added in v2.25.0

func (c *ClientCertManager) GetTLSConfig() *tls.Config

GetTLSConfig returns tls configuration for clients

type Config

// Config is the configuration of a file-based certificate manager. The struct
// tags give the YAML and JSON keys each field is read from.
type Config struct {
	// CAPool lists the locations of the root certificates, in PEM format.
	CAPool                    []urischeme.URIScheme `yaml:"caPool" json:"caPool" description:"file path to the root certificates in PEM format"`
	// KeyFile is the location of the private key, in PEM format.
	// NOTE(review): this page does not say how the key material is protected;
	// the referenced file should be readable only by the service account.
	KeyFile                   urischeme.URIScheme   `yaml:"keyFile" json:"keyFile" description:"file name of private key in PEM format"`
	// CertFile is the location of the certificate, in PEM format.
	CertFile                  urischeme.URIScheme   `yaml:"certFile" json:"certFile" description:"file name of certificate in PEM format"`
	// ClientCertificateRequired requires a client certificate when true.
	// NOTE(review): presumably this controls what GetServerTLSConfig demands
	// from peers; confirm whether a presented certificate is still verified
	// when this is false.
	ClientCertificateRequired bool                  `yaml:"clientCertificateRequired" json:"clientCertificateRequired" description:"require client certificate"`
	// UseSystemCAPool enables use of the system certificate pool.
	// The JSON key is spelled "useSystemCaPool" while the YAML key is
	// "useSystemCAPool"; the two differ in the case of one letter.
	// NOTE(review): presumably the system roots are trusted in addition to
	// CAPool, which widens the set of accepted issuers; confirm.
	UseSystemCAPool           bool                  `yaml:"useSystemCAPool" json:"useSystemCaPool" description:"use system certification pool"`
	// CRL holds the certificate revocation list settings. Its type is declared
	// in pkgTls and is not shown here.
	CRL                       pkgTls.CRLConfig      `yaml:"crl" json:"crl"`

	// CAPoolIsOptional is excluded from both YAML and JSON (tag "-"), so it can
	// only be set from code, not from a configuration file.
	// NOTE(review): presumably it lets Validate accept an empty CAPool; confirm.
	CAPoolIsOptional bool `yaml:"-" json:"-"`
}

Config provides configuration of a file based Server Certificate manager

func ClientConfig added in v2.25.0

func ClientConfig(caPoolArray []urischeme.URIScheme, keyFile, certFile urischeme.URIScheme, useSystemCAPool bool, crl pkgTls.CRLConfig) Config

func (Config) Validate

func (c Config) Validate(client bool) error

type Options added in v2.25.0

// Options collects the optional settings that SetOption functions modify.
type Options struct {
	// CustomDistributionPointVerification is the custom distribution point
	// verification setting installed by WithCustomDistributionPointVerification.
	// Its type is declared in pkgX509 and is not shown here.
	// NOTE(review): the behaviour of the zero value is not documented on this
	// page; confirm what verification applies when no option is passed.
	CustomDistributionPointVerification pkgX509.CustomDistributionPointVerification
}

type SetOption added in v2.25.0

// SetOption is a function that receives a pointer to Options so that it can
// modify it. New, NewClientCertManager and NewHTTPClient accept SetOption
// values as their variadic opts parameter.
type SetOption = func(cfg *Options)

func WithCustomDistributionPointVerification added in v2.25.0

func WithCustomDistributionPointVerification(customDistributionPointVerification pkgX509.CustomDistributionPointVerification) SetOption

WithCustomDistributionPointVerification returns a SetOption that configures custom distribution point verification behavior
