Documentation
¶
Index ¶
Constants ¶
// DefaultIssuerBitSize defines default bit size for issued certs.
//
// NOTE(review): if this sizes an RSA key (the root template on this page signs
// with an RSA algorithm; the leaf key type is not shown here), 1024 bits is
// below the 2048-bit minimum that current guidance and many TLS clients
// expect. Set SelfSignedCA.BitSize explicitly rather than relying on this
// default.
const DefaultIssuerBitSize = 1024
DefaultIssuerBitSize defines the default bit size for issued certs.
// DefaultIssuerRootBitSize defines default bit size for a self-signed root cert.
//
// Presumably an RSA modulus size, since DefaultIssuerRootTmpl selects an RSA
// signature algorithm; confirm against the key-generation code.
const DefaultIssuerRootBitSize = 2048
DefaultIssuerRootBitSize defines the default bit size for a self-signed root cert.
Variables ¶
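// Default certificate templates. The values are unchanged from the listing;
// only the line structure is restored, because in the one-line form the first
// "//" comment swallowed the rest of the declaration.
var (
	// DefaultIssuerRootTmpl is the default template for self-signed root CA certificate.
	//
	// NotBefore and NotAfter are evaluated once, when the package is
	// initialized, so the 730-day validity window starts at process start and
	// is not backdated to tolerate client clock skew.
	DefaultIssuerRootTmpl = x509.Certificate{
		// NOTE(review): fixed serial number. Harmless for a single root, but
		// verify that regenerated roots do not reuse it with the same name.
		SerialNumber: big.NewInt(1),
		// NOTE(review): crypto/x509.CreateCertificate takes the issuer name
		// from the parent certificate, not from the template's Issuer field.
		// If the root is self-signed through that function, this value
		// presumably never reaches the certificate; confirm in the
		// implementation.
		Issuer: pkix.Name{
			CommonName:   "issuer.example.org",
			Organization: []string{"Multiproxy Issuer Org"},
		},
		Subject: pkix.Name{
			CommonName:   "root.example.org",
			Organization: []string{"Multiproxy Root Org"},
		},
		NotBefore:             time.Now(),
		NotAfter:              time.Now().Add(time.Hour * 24 * 365 * 2),
		IsCA:                  true,
		BasicConstraintsValid: true,
		// NOTE(review): OCSP responder locations are normally full URIs; this
		// bare host name looks like a placeholder, like the other example.org
		// values in this template.
		OCSPServer: []string{"ocsp.example.org"},
		DNSNames:   []string{"root.example.org"},
		// NOTE(review): SHA-1 signatures are deprecated. Verifiers usually do
		// not check the self-signature of a trusted root, but this algorithm
		// should not be carried over to any certificate a client verifies.
		// Prefer x509.SHA256WithRSA in a custom RootTmpl.
		SignatureAlgorithm: x509.SHA1WithRSA,
		KeyUsage:           x509.KeyUsageCertSign,
	}

	// DefaultIssuerTmpl is the default template for issued certificates.
	//
	// The template sets no validity period, subject alternative names or
	// signature algorithm; presumably Issue fills those in per certificate.
	// Confirm against the implementation.
	DefaultIssuerTmpl = x509.Certificate{
		// NOTE(review): fixed serial number. If Issue does not replace it,
		// every certificate issued by one CA shares the same issuer and
		// serial, which some TLS clients reject. Verify that Issue assigns a
		// unique (ideally random) serial.
		SerialNumber: big.NewInt(1),
		Subject: pkix.Name{
			Country:      []string{"AQ"},
			Organization: []string{"Multiproxy"},
		},
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
)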
Functions ¶
This section is empty.
Types ¶
type Issuer ¶
// Issuer defines interface for on-flight certificate generator.
type Issuer interface {
	// Issue returns a TLS certificate for the given common name, DNS names
	// and IP addresses, or an error.
	//
	// Presumably cn becomes the subject CommonName and dnsnames/ipaddresses
	// the subject alternative names; confirm against the implementation.
	// NOTE(review): current TLS clients match host names against subject
	// alternative names only, so the host should be passed in dnsnames (or
	// ipaddresses) and not just in cn.
	Issue(cn string, dnsnames []string, ipaddresses []net.IP) (*tls.Certificate, error)
}
Issuer defines the interface for an on-the-fly certificate generator.
type SelfSignedCA ¶
// SelfSignedCA defines an Issuer. Zero value is a valid instance.
//
// With the zero value every field falls back to the package defaults
// documented below.
type SelfSignedCA struct {
	// Cert is a cert chain used to sign newly issued certs. The cert's primary usage must be x509.KeyUsageCertSign
	//
	// If nil, a self-signed cert will be generated.
	//
	// tls.Certificate carries the private key alongside the chain, so this
	// field holds the CA signing key: any client that trusts this root will
	// accept whatever that key signs. Protect it accordingly.
	Cert *tls.Certificate
	// BitSize defines bit size for issued certificate keys generation.
	//
	// If 0, DefaultIssuerBitSize will be used.
	//
	// NOTE(review): DefaultIssuerBitSize is 1024; set this to 2048 or more
	// unless the short key is a deliberate trade-off.
	BitSize int
	// RootBitSize defines bit size for self-signed root certificate key generation.
	//
	// If 0, DefaultIssuerRootBitSize will be used.
	RootBitSize int
	// Tmpl is a template for issued certificates.
	//
	// If nil, DefaultIssuerTmpl will be used.
	Tmpl *x509.Certificate
	// RootTmpl is a template for self-signed root certificate.
	//
	// If nil, DefaultIssuerRootTmpl will be used.
	//
	// NOTE(review): DefaultIssuerRootTmpl selects x509.SHA1WithRSA; supply a
	// template with a SHA-256 based algorithm if the root's signature matters
	// to any verifier.
	RootTmpl *x509.Certificate
	// Rand is a source of randomness for generated certs.
	//
	// If nil, crypto/rand.Reader will be used.
	//
	// NOTE(review): presumably this feeds key generation, in which case a
	// deterministic or non-cryptographic reader makes the generated keys
	// predictable. Override only in tests.
	Rand io.Reader
	// contains filtered or unexported fields
}
SelfSignedCA defines an Issuer. Zero value is a valid instance.
func (*SelfSignedCA) Issue ¶
func (ca *SelfSignedCA) Issue(cn string, dnsnames []string, ipaddresses []net.IP) (*tls.Certificate, error)
Issue implements the Issuer interface.