Documentation
¶
Overview ¶
Package certregistry provides building blocks to have more than one certificate and use SNI to select the right certificate for the request.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CertRegistry ¶
type CertRegistry struct {
// contains filtered or unexported fields
}
CertRegistry object holds TLS certificates to be used to terminate TLS connections ensuring synchronized access to them.
func NewCertRegistry ¶
func NewCertRegistry() *CertRegistry
NewCertRegistry initializes the certificate registry.
func (*CertRegistry) ConfigureCertificate ¶
func (r *CertRegistry) ConfigureCertificate(host string, cert *tls.Certificate) error
ConfigureCertificate for the host if no configuration exists or if certificate is valid (`NotBefore` field) after previously configured certificate.
func (*CertRegistry) GetCertFromHello ¶
func (r *CertRegistry) GetCertFromHello(hello *tls.ClientHelloInfo) (*tls.Certificate, error)
GetCertFromHello reads the SNI from a TLS client and returns the appropriate certificate. If no certificate is found for the host it will return nil.
Source Files
Click to show internal directories.
Click to hide internal directories.