Documentation
¶
Index ¶
- Constants
- Variables
- func ConvertZipBytesToPem(dataByte []byte, rootFirst bool) (*certificate.PEMCollection, error)
- func GetGCMCertificateScope(scope domain.GCMCertificateScope) *cloudproviders.GCMCertificateScope
- func Load32KeyByte(keyBytes []byte) (*[32]byte, error)
- func PolicyExist(policyName string, c *Connector) (bool, error)
- type ApplicationDetails
- type Certificate
- type CertificateSearchResponse
- type CertificateStatusErrorInformation
- type CertificateTemplates
- type CloudKeystoreProvisioningResult
- type Connector
- func (c *Connector) Authenticate(auth *endpoint.Authentication) error
- func (c *Connector) CreateAPIUserAccount(userName string, password string) (int, *userDetails, error)
- func (c *Connector) CreateUserAccount(userAccount *userAccount) (int, *userDetails, error)
- func (c *Connector) DeleteMachineIdentity(machineIdentityID string) (bool, error)
- func (c *Connector) GenerateRequest(config *endpoint.ZoneConfiguration, req *certificate.Request) (err error)
- func (c *Connector) GetAccessToken(auth *endpoint.Authentication) (*TLSPCAccessTokenResponse, error)
- func (c *Connector) GetCloudKeystore(request domain.GetCloudKeystoreRequest) (*domain.CloudKeystore, error)
- func (c *Connector) GetCloudProvider(request domain.GetCloudProviderRequest) (*domain.CloudProvider, error)
- func (c *Connector) GetMachineIdentity(request domain.GetCloudMachineIdentityRequest) (*domain.CloudMachineIdentity, error)
- func (c *Connector) GetPolicy(name string) (*policy.PolicySpecification, error)
- func (c *Connector) GetPolicyWithRegex(name string) (*policy.PolicySpecification, error)
- func (c *Connector) GetType() endpoint.ConnectorType
- func (c *Connector) GetZonesByParent(parent string) ([]string, error)
- func (c *Connector) ImportCertificate(req *certificate.ImportRequest) (*certificate.ImportResponse, error)
- func (c *Connector) IsCSRServiceGenerated(req *certificate.Request) (bool, error)
- func (c *Connector) ListCertificates(filter endpoint.Filter) ([]certificate.CertificateInfo, error)
- func (c *Connector) Ping() (err error)
- func (c *Connector) ProvisionCertificate(req *domain.ProvisioningRequest, options *domain.ProvisioningOptions) (*domain.ProvisioningMetadata, error)
- func (c *Connector) ProvisionCertificateToMachineIdentity(req domain.ProvisioningRequest) (*domain.ProvisioningMetadata, error)
- func (c *Connector) ReadPolicyConfiguration() (policy *endpoint.Policy, err error)
- func (c *Connector) ReadZoneConfiguration() (config *endpoint.ZoneConfiguration, err error)
- func (c *Connector) RenewCertificate(renewReq *certificate.RenewalRequest) (requestID string, err error)
- func (c *Connector) RequestCertificate(req *certificate.Request) (requestID string, err error)
- func (c *Connector) RequestSSHCertificate(_ *certificate.SshCertRequest) (response *certificate.SshCertificateObject, err error)
- func (c *Connector) ResetCertificate(_ *certificate.Request, _ bool) (err error)
- func (c *Connector) RetireCertificate(retireReq *certificate.RetireRequest) error
- func (c *Connector) RetrieveAvailableSSHTemplates() (response []certificate.SshAvaliableTemplate, err error)
- func (c *Connector) RetrieveCertificate(req *certificate.Request) (*certificate.PEMCollection, error)
- func (c *Connector) RetrieveCertificateMetaData(_ string) (*certificate.CertificateMetaData, error)
- func (c *Connector) RetrieveSSHCertificate(_ *certificate.SshCertRequest) (response *certificate.SshCertificateObject, err error)
- func (c *Connector) RetrieveSshConfig(_ *certificate.SshCaTemplateRequest) (*certificate.SshConfig, error)
- func (c *Connector) RetrieveSystemVersion() (response string, err error)
- func (c *Connector) RevokeCertificate(revReq *certificate.RevocationRequest) (endpoint.RevocationRequestResponse, error)
- func (c *Connector) SearchCertificate(zone string, cn string, sans *certificate.Sans, certMinTimeLeft time.Duration) (certificateInfo *certificate.CertificateInfo, err error)
- func (c *Connector) SearchCertificates(_ *certificate.SearchRequest) (*certificate.CertSearchResponse, error)
- func (c *Connector) SetHTTPClient(client *http.Client)
- func (c *Connector) SetPolicy(name string, ps *policy.PolicySpecification) (string, error)
- func (c *Connector) SetUserAgent(userAgent string)
- func (c *Connector) SetZone(z string)
- func (c *Connector) SupportSynchronousRequestCertificate() bool
- func (c *Connector) SynchronousRequestCertificate(_ *certificate.Request) (certificates *certificate.PEMCollection, err error)
- func (c *Connector) WriteLog(_ *endpoint.LogRequest) (err error)
- type CsrAttributes
- type EdgeEncryptionKey
- type Expression
- type Field
- type KeyStoreRequest
- type KeyTypeParameters
- type Operand
- type Operator
- type OwnerType
- type Paging
- type RevocationRequestResponseCloud
- type SearchRequest
- type SubjectAlternativeNamesByType
- type TLSPCAccessTokenResponse
- type VenafiCertificate
Constants ¶
// Format strings used to report the outcome of a certificate revocation
// request. Each one takes the certificate ID and then the thumbprint as %q
// (quoted) arguments.
//
// The texts cover four outcomes: submitted, pending approval, rejected and
// failed. None of them states that the certificate has been revoked, so a
// "submitted" or "pending" message is not proof of revocation.
const (
	// Request accepted for processing.
	RevocationSubmittedFormattedMessage = "The revocation for the certificate ID: %q Thumbprint: %q was successfully submitted."
	// Failure with no underlying error to attach.
	RevocationFailedFormattedMessage = "failed to revoke certificate: ID: %q Thumbprint: %q"
	// Failure with an underlying error. The %w verb is only interpreted by
	// fmt.Errorf (it wraps the error); with fmt.Sprintf or a logger it renders
	// as a "%!w(...)" artefact instead of the error text.
	RevocationFailedWithErrorFormattedMessage = "failed to revoke certificate: ID: %q Thumbprint: %q Error: %w"
	// Request is waiting for an approver; the text does not say the
	// certificate is revoked at this point.
	RevocationApprovalPendingFormattedMessage = "The revocation for the certificate ID: %q Thumbprint: %q is pending for approval."
	// Request was rejected without a stated reason.
	RevocationRejectedFormattedMessage = "The revocation for the certificate ID: %q Thumbprint: %q was rejected."
	// Request was rejected with a reason. The reason is inserted with %s, i.e.
	// unquoted, unlike the ID and thumbprint.
	// NOTE(review): if the reason text comes from a remote response, treat it
	// as untrusted when writing it to logs — verify against the caller.
	RevocationRejectedWithReasonFormattedMessage = "The revocation for the certificate ID: %q Thumbprint: %q was rejected. Reason: %s."
)
Variables ¶
// RevocationReasonsMap maps the reason string of a
// certificate.RevocationRequest to a service.RevocationReason value.
//
// Lookups are exact string matches. Indexing with a key that is not listed
// returns the zero value of service.RevocationReason rather than an error, so
// use the two-value form (v, ok := RevocationReasonsMap[reason]) to reject
// unknown reasons explicitly.
//
// Only the reasons below are present; other RFC 5280 reason codes have no
// entry in this map.
//
// The variable is exported and mutable: any importing package can add or
// overwrite entries. Treat it as read-only.
var RevocationReasonsMap = map[string]service.RevocationReason{
	// The empty string and "none" both resolve to the unspecified reason.
	"": service.RevocationReasonUnspecified,
	"none": service.RevocationReasonUnspecified,
	"key-compromise": service.RevocationReasonKeyCompromise,
	"affiliation-changed": service.RevocationReasonAffiliationChanged,
	"superseded": service.RevocationReasonSuperseded,
	"cessation-of-operation": service.RevocationReasonCessationOfOperation,
}
RevocationReasonsMap maps *certificate.RevocationRequest.Reason to ca-operations reasons
Functions ¶
func ConvertZipBytesToPem ¶
func ConvertZipBytesToPem(dataByte []byte, rootFirst bool) (*certificate.PEMCollection, error)
func GetGCMCertificateScope ¶ added in v5.10.1
func GetGCMCertificateScope(scope domain.GCMCertificateScope) *cloudproviders.GCMCertificateScope
func Load32KeyByte ¶
Types ¶
type ApplicationDetails ¶
// ApplicationDetails is a JSON-tagged application record.
// NOTE(review): presumably the shape exchanged with the service API — confirm.
//
// Every field is tagged omitempty, so zero-valued fields (empty strings, nil or
// empty slices and maps) are left out when the struct is marshalled.
type ApplicationDetails struct {
	ApplicationId string `json:"id,omitempty"`
	// Per its JSON key, maps a certificate issuing template alias to its ID.
	CitAliasToIdMap map[string]string `json:"certificateIssuingTemplateAliasIdMap,omitempty"`
	CompanyId string `json:"companyId,omitempty"`
	Name string `json:"name,omitempty"`
	Description string `json:"description,omitempty"`
	// Owner IDs paired with their types (JSON key ownerIdsAndTypes).
	OwnerIdType []policy.OwnerIdType `json:"ownerIdsAndTypes,omitempty"`
	// Network scope fields follow.
	// NOTE(review): FqDns, InternalFqDns and FullyQualifiedDomainNames, and
	// IpRanges versus Internal/ExternalIpRanges, look overlapping; SOURCE does
	// not show which of them the service honours or how values are validated.
	InternalFqDns []string `json:"internalFqDns,omitempty"`
	ExternalIpRanges []string `json:"externalIpRanges,omitempty"`
	InternalIpRanges []string `json:"internalIpRanges,omitempty"`
	InternalPorts []string `json:"internalPorts,omitempty"`
	FullyQualifiedDomainNames []string `json:"fullyQualifiedDomainNames,omitempty"`
	IpRanges []string `json:"ipRanges,omitempty"`
	Ports []string `json:"ports,omitempty"`
	FqDns []string `json:"fqDns,omitempty"`
}
type Certificate ¶
// Certificate is the JSON shape of one certificate entry; it is the element
// type of CertificateSearchResponse.Certificates.
//
// No field uses omitempty, so empty values are serialized as "" / null rather
// than omitted.
type Certificate struct {
	Id string `json:"id"`
	ManagedCertificateId string `json:"managedCertificateId"`
	CertificateRequestId string `json:"certificateRequestId"`
	SubjectCN []string `json:"subjectCN"`
	// Keyed by SAN type name; the set of valid keys is not shown in SOURCE.
	SubjectAlternativeNamesByType map[string][]string `json:"subjectAlternativeNamesByType"`
	SerialNumber string `json:"serialNumber"`
	// NOTE(review): hash algorithm and text encoding are not shown in SOURCE;
	// normalize case before comparing fingerprints — TODO confirm format.
	Fingerprint string `json:"fingerprint"`
	// Validity bounds are plain strings here, not time.Time.
	// NOTE(review): the timestamp layout is not shown; parse and check the
	// error before using these for expiry decisions.
	ValidityStart string `json:"validityStart"`
	ValidityEnd string `json:"validityEnd"`
	ApplicationIds []string `json:"applicationIds"`
}
func (Certificate) ToCertificateInfo ¶
func (c Certificate) ToCertificateInfo() certificate.CertificateInfo
type CertificateSearchResponse ¶
// CertificateSearchResponse is the JSON shape of a certificate search result:
// a count plus the list of matching Certificate entries.
type CertificateSearchResponse struct {
	// NOTE(review): SOURCE does not show whether Count is the total number of
	// matches or the number of entries in Certificates — do not assume they
	// are equal when the search is paged.
	Count int `json:"count"`
	Certificates []Certificate `json:"certificates"`
}
func ParseCertificateSearchResponse ¶
func ParseCertificateSearchResponse(httpStatusCode int, body []byte) (searchResult *CertificateSearchResponse, err error)
type CertificateTemplates ¶
// CertificateTemplates wraps a list of certificate issuing templates under the
// JSON key certificateIssuingTemplates.
type CertificateTemplates struct {
	// The element type certificateTemplate is unexported, so other packages
	// cannot name it; they can only read elements obtained from this slice.
	CertificateTemplates []certificateTemplate `json:"certificateIssuingTemplates"`
}
type CloudKeystoreProvisioningResult ¶ added in v5.7.0
// CloudKeystoreProvisioningResult describes the outcome of provisioning a
// certificate to a cloud keystore: the cloud-side certificate identifiers, the
// machine identity involved, and an error value.
type CloudKeystoreProvisioningResult struct {
	CloudProviderCertificateID string `json:"cloudProviderCertificateId"`
	CloudCertificateName string `json:"cloudProviderCertificateName"`
	CloudCertificateVersion string `json:"cloudProviderCertificateVersion"`
	// Free-form string; the set of action types is not shown in SOURCE.
	MachineIdentityActionType string `json:"machineIdentityActionType"`
	MachineIdentityId string `json:"machineIdentityId"`
	// NOTE(review): Error is an interface value. encoding/json cannot decode a
	// non-null JSON value into a method-bearing interface type such as error,
	// and encoding a typical error value (no exported fields) yields "{}", so
	// the message is lost in JSON form. Check this field in Go code and do not
	// rely on its serialized representation — confirm how it is populated.
	Error error `json:"error"`
}
type Connector ¶
// Connector contains the base data needed to communicate with the CyberArk
// Certificate Manager, SaaS servers. All of its fields are unexported; state is
// supplied through its methods (for example Authenticate, SetZone,
// SetHTTPClient and SetUserAgent).
//
// NOTE(review): a client passed to SetHTTPClient presumably carries the API
// traffic, including credentials, so its TLS configuration and timeouts
// matter — confirm against the implementation.
type Connector struct {
	// contains filtered or unexported fields
}
Connector contains the base data needed to communicate with the CyberArk Certificate Manager, SaaS servers
func NewConnector ¶
NewConnector creates a new Connector object used to communicate with CyberArk Certificate Manager, SaaS
func (*Connector) Authenticate ¶
func (c *Connector) Authenticate(auth *endpoint.Authentication) error
Authenticate authenticates the user with CyberArk Certificate Manager, SaaS using the provided API Key
func (*Connector) CreateAPIUserAccount ¶
func (*Connector) CreateUserAccount ¶
func (*Connector) DeleteMachineIdentity ¶ added in v5.7.0
func (*Connector) GenerateRequest ¶
func (c *Connector) GenerateRequest(config *endpoint.ZoneConfiguration, req *certificate.Request) (err error)
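GenerateRequest generates a CertificateRequest based on the zone configuration. The signature returns only an error, so the generated request and its private key are presumably stored on req rather than returned; treat req as holding private key material after the call.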
func (*Connector) GetAccessToken ¶ added in v5.6.0
func (c *Connector) GetAccessToken(auth *endpoint.Authentication) (*TLSPCAccessTokenResponse, error)
func (*Connector) GetCloudKeystore ¶ added in v5.7.0
func (c *Connector) GetCloudKeystore(request domain.GetCloudKeystoreRequest) (*domain.CloudKeystore, error)
func (*Connector) GetCloudProvider ¶ added in v5.7.0
func (c *Connector) GetCloudProvider(request domain.GetCloudProviderRequest) (*domain.CloudProvider, error)
func (*Connector) GetMachineIdentity ¶ added in v5.7.0
func (c *Connector) GetMachineIdentity(request domain.GetCloudMachineIdentityRequest) (*domain.CloudMachineIdentity, error)
func (*Connector) GetPolicy ¶
func (c *Connector) GetPolicy(name string) (*policy.PolicySpecification, error)
func (*Connector) GetPolicyWithRegex ¶
func (c *Connector) GetPolicyWithRegex(name string) (*policy.PolicySpecification, error)
func (*Connector) GetType ¶
func (c *Connector) GetType() endpoint.ConnectorType
func (*Connector) GetZonesByParent ¶
GetZonesByParent returns a list of valid zones for a CyberArk Certificate Manager, SaaS application specified by parent
func (*Connector) ImportCertificate ¶
func (c *Connector) ImportCertificate(req *certificate.ImportRequest) (*certificate.ImportResponse, error)
func (*Connector) IsCSRServiceGenerated ¶
func (c *Connector) IsCSRServiceGenerated(req *certificate.Request) (bool, error)
func (*Connector) ListCertificates ¶
func (c *Connector) ListCertificates(filter endpoint.Filter) ([]certificate.CertificateInfo, error)
func (*Connector) Ping ¶
Ping attempts to connect to the CyberArk Certificate Manager, SaaS API and returns an error if it cannot
func (*Connector) ProvisionCertificate ¶ added in v5.7.0
func (c *Connector) ProvisionCertificate(req *domain.ProvisioningRequest, options *domain.ProvisioningOptions) (*domain.ProvisioningMetadata, error)
func (*Connector) ProvisionCertificateToMachineIdentity ¶ added in v5.7.0
func (c *Connector) ProvisionCertificateToMachineIdentity(req domain.ProvisioningRequest) (*domain.ProvisioningMetadata, error)
func (*Connector) ReadPolicyConfiguration ¶
func (*Connector) ReadZoneConfiguration ¶
func (c *Connector) ReadZoneConfiguration() (config *endpoint.ZoneConfiguration, err error)
ReadZoneConfiguration reads the Zone information needed for generating and requesting a certificate from CyberArk Certificate Manager, SaaS
func (*Connector) RenewCertificate ¶
func (c *Connector) RenewCertificate(renewReq *certificate.RenewalRequest) (requestID string, err error)
RenewCertificate attempts to renew the certificate
func (*Connector) RequestCertificate ¶
func (c *Connector) RequestCertificate(req *certificate.Request) (requestID string, err error)
RequestCertificate submits the CSR to the CyberArk Certificate Manager, SaaS API for processing
func (*Connector) RequestSSHCertificate ¶
func (c *Connector) RequestSSHCertificate(_ *certificate.SshCertRequest) (response *certificate.SshCertificateObject, err error)
func (*Connector) ResetCertificate ¶
func (c *Connector) ResetCertificate(_ *certificate.Request, _ bool) (err error)
ResetCertificate resets the state of a certificate.
func (*Connector) RetireCertificate ¶
func (c *Connector) RetireCertificate(retireReq *certificate.RetireRequest) error
RetireCertificate attempts to retire the certificate
func (*Connector) RetrieveAvailableSSHTemplates ¶
func (c *Connector) RetrieveAvailableSSHTemplates() (response []certificate.SshAvaliableTemplate, err error)
func (*Connector) RetrieveCertificate ¶
func (c *Connector) RetrieveCertificate(req *certificate.Request) (*certificate.PEMCollection, error)
RetrieveCertificate retrieves the certificate for the specified ID
func (*Connector) RetrieveCertificateMetaData ¶
func (c *Connector) RetrieveCertificateMetaData(_ string) (*certificate.CertificateMetaData, error)
func (*Connector) RetrieveSSHCertificate ¶
func (c *Connector) RetrieveSSHCertificate(_ *certificate.SshCertRequest) (response *certificate.SshCertificateObject, err error)
func (*Connector) RetrieveSshConfig ¶
func (c *Connector) RetrieveSshConfig(_ *certificate.SshCaTemplateRequest) (*certificate.SshConfig, error)
func (*Connector) RetrieveSystemVersion ¶
func (*Connector) RevokeCertificate ¶
func (c *Connector) RevokeCertificate(revReq *certificate.RevocationRequest) (endpoint.RevocationRequestResponse, error)
RevokeCertificate attempts to revoke the certificate
func (*Connector) SearchCertificate ¶
func (c *Connector) SearchCertificate(zone string, cn string, sans *certificate.Sans, certMinTimeLeft time.Duration) (certificateInfo *certificate.CertificateInfo, err error)
func (*Connector) SearchCertificates ¶
func (c *Connector) SearchCertificates(_ *certificate.SearchRequest) (*certificate.CertSearchResponse, error)
func (*Connector) SetHTTPClient ¶
func (*Connector) SetUserAgent ¶ added in v5.6.1
func (*Connector) SupportSynchronousRequestCertificate ¶ added in v5.1.0
SupportSynchronousRequestCertificate reports whether the connector supports synchronous calls to request a certificate.
func (*Connector) SynchronousRequestCertificate ¶ added in v5.1.0
func (c *Connector) SynchronousRequestCertificate(_ *certificate.Request) (certificates *certificate.PEMCollection, err error)
SynchronousRequestCertificate is not supported yet in CyberArk Certificate Manager, SaaS.
type CsrAttributes ¶
// CsrAttributes carries subject fields, subject alternative names and key type
// parameters for a CSR, as JSON.
//
// The scalar subject fields are pointers tagged omitempty: a nil pointer is
// omitted from the JSON, while a pointer to an empty string is still sent as
// "". Callers can therefore distinguish "not set" from "set to empty".
type CsrAttributes struct {
	CommonName *string `json:"commonName,omitempty"`
	Organization *string `json:"organization,omitempty"`
	OrganizationalUnits []string `json:"organizationalUnits,omitempty"`
	Locality *string `json:"locality,omitempty"`
	State *string `json:"state,omitempty"`
	Country *string `json:"country,omitempty"`
	SubjectAlternativeNamesByType *SubjectAlternativeNamesByType `json:"subjectAlternativeNamesByType,omitempty"`
	// NOTE(review): when nil, no key type or size is sent; which default the
	// service then applies is not shown in SOURCE — confirm against policy.
	KeyTypeParameters *KeyTypeParameters `json:"keyTypeParameters,omitempty"`
}
type EdgeEncryptionKey ¶
// EdgeEncryptionKey is a JSON object with a single "key" string.
type EdgeEncryptionKey struct {
	// NOTE(review): SOURCE does not show whether Key is public or secret
	// material, or how it is encoded. Confirm before logging or persisting it.
	Key string `json:"key,omitempty"`
}
type Expression ¶
type KeyStoreRequest ¶
type KeyTypeParameters ¶
type RevocationRequestResponseCloud ¶ added in v5.11.1
type SearchRequest ¶
// SearchRequest is the JSON body of a search: a filter expression plus optional
// ordering and paging.
type SearchRequest struct {
	// No omitempty: a nil Expression is encoded as "expression": null.
	// NOTE(review): whether the service treats a null expression as "match
	// everything" is not shown in SOURCE — confirm before sending one.
	Expression *Expression `json:"expression"`
	// Pointer to an empty interface: any JSON-encodable value is accepted here
	// and nothing about its shape is checked at compile time.
	Ordering *interface{} `json:"ordering,omitempty"`
	Paging *Paging `json:"paging,omitempty"`
}
type TLSPCAccessTokenResponse ¶ added in v5.6.0
type VenafiCertificate ¶ added in v5.7.0
// VenafiCertificate is a JSON-tagged certificate record with status, source
// and expiry information.
type VenafiCertificate struct {
	ID string `json:"id,omitempty"`
	// Free-form string; the set of status values is not shown in SOURCE.
	CertificateStatus string `json:"certificateStatus,omitempty"`
	CertificateRequestId string `json:"certificateRequestId,omitempty"`
	// NOTE(review): presumably identifies the data-encryption key associated
	// with the certificate — TODO confirm; SOURCE shows only the name and the
	// JSON key.
	DekHash string `json:"dekHash,omitempty"`
	// NOTE(review): hash algorithm and encoding are not shown in SOURCE.
	Fingerprint string `json:"fingerprint,omitempty"`
	CertificateSource string `json:"certificateSource,omitempty"`
	// No omitempty: a zero time.Time is encoded as "0001-01-01T00:00:00Z".
	// Check ValidityEnd.IsZero() before treating the value as a real expiry.
	ValidityEnd time.Time `json:"validityEnd"`
}