cert_manager

package

v0.21.2 Latest Latest Go to latest Published: Nov 24, 2019 License: MIT Imports: 25 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/rekby/lets-proxy2

Links

Open Source Insights

Documentation ¶

Index ¶

type AcmeClient
type DomainChecker
type DomainName
type GetContext
type Manager
- func New(client AcmeClient, c cache.Bytes) *Manager
- func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (resultCert *tls.Certificate, err error)
- func (m *Manager) HandleHTTPValidation(w http.ResponseWriter, r *http.Request) bool

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AcmeClient ¶ added in v0.20.2

type AcmeClient interface {
	Accept(ctx context.Context, chal *acme.Challenge) (*acme.Challenge, error)
	AuthorizeOrder(ctx context.Context, id []acme.AuthzID, opt ...acme.OrderOption) (*acme.Order, error)
	CreateOrderCert(ctx context.Context, url string, csr []byte, bundle bool) (der [][]byte, certURL string, err error)
	GetAuthorization(ctx context.Context, url string) (*acme.Authorization, error)
	HTTP01ChallengeResponse(token string) (string, error)
	RevokeAuthorization(ctx context.Context, url string) error
	TLSALPN01ChallengeCert(token, domain string, opt ...acme.CertOption) (cert tls.Certificate, err error)
	WaitAuthorization(ctx context.Context, url string) (*acme.Authorization, error)
	WaitOrder(ctx context.Context, url string) (*acme.Order, error)
}

type DomainChecker ¶ added in v0.20.2

type DomainChecker interface {
	// IsDomainAllowed called for check domain for allow certificate
	// It can call concurrency for many domains same time
	// guarantee about domain will correct domain name (as minimum for character set)
	IsDomainAllowed(ctx context.Context, domain string) (bool, error)
}

type DomainName ¶

type DomainName string // Normalized domain name.

func (DomainName) ASCII ¶

func (d DomainName) ASCII() string

func (DomainName) FullString ¶

func (d DomainName) FullString() string

func (DomainName) String ¶

func (d DomainName) String() string

func (DomainName) Unicode ¶

func (d DomainName) Unicode() string

type GetContext ¶

type GetContext interface {
	GetContext() context.Context
}

type Manager ¶

type Manager struct {
	CertificateIssueTimeout time.Duration
	Cache                   cache.Bytes

	// Client is used to perform low-level operations, such as account registration
	// and requesting new certificates.
	//
	// If Client is nil, a zero-value acme.Client is used with acme.LetsEncryptURL
	// as directory endpoint. If the Client.Key is nil, a new ECDSA P-256 key is
	// generated and, if Cache is not nil, stored in cache.
	//
	// Mutating the field after the first call of GetCertificate method will have no effect.
	Client               AcmeClient
	DomainChecker        DomainChecker
	EnableHTTPValidation bool
	EnableTLSValidation  bool
	SaveJSONMeta         bool
	// contains filtered or unexported fields
}

Interface inspired to https://godoc.org/golang.org/x/crypto/acme/autocert#Manager but not compatible guarantee

func New ¶

func New(client AcmeClient, c cache.Bytes) *Manager

func (*Manager) GetCertificate ¶

func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (resultCert *tls.Certificate, err error)

GetCertificate implements the tls.Config.GetCertificate hook. nolint:funlen

func (*Manager) HandleHTTPValidation ¶ added in v0.21.0

func (m *Manager) HandleHTTPValidation(w http.ResponseWriter, r *http.Request) bool

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL