Documentation
Constants
This section is empty.
Variables
var (
	ErrNoCertificateAvailable   = errors.New("no certificate available")
	ErrCertificateManagerClosed = errors.New("certificate manager is closed")
)
Functions
This section is empty.
Types
type CertificateManager
type CertificateManager struct {
	// contains filtered or unexported fields
}
CertificateManager provides automatic access to certificates from Let's Encrypt and any other ACME-based CA. It is similar to golang.org/x/crypto/acme/autocert, except that this package solves the ACME "dns-01" challenge (instead of "http-01") by using a tsdmg client to create the TXT records required to prove domain ownership.
func NewCertificateManager
func (*CertificateManager) Close
func (c *CertificateManager) Close() error
Close gracefully closes the CertificateManager.
func (*CertificateManager) GetCertificate
func (c *CertificateManager) GetCertificate(hi *tls.ClientHelloInfo) (*tls.Certificate, error)
func (*CertificateManager) WaitForInitialCert
func (c *CertificateManager) WaitForInitialCert(ctx context.Context) error
type Option
type Option func(*config)
Option represents a configuration option for initializing a client.
func WithACMEAContact
WithACMEAContact is a configuration option to configure contact details for the ACME account e.g.
func WithACMEAccountKey
WithACMEAccountKey is a configuration option to configure an ACME account key. If this option is unset, a key will be generated at runtime.
func WithCertificateCache
WithCertificateCache is a configuration option to configure certificate (and private key) caching. If this option is not set, the runtime will always attempt to fetch certificates from the acme proxy server on start-up, and will be unable to persist retrieved certificates.
It is always a good idea to specify a cache strategy; otherwise the acme proxy will likely hit rate limits for the CN and SANs requested.
func WithLogger
WithLogger is a configuration option to configure a logger. If this option is not set, a log/slog logger is used with a JSON handler.