| 123456789101112131415161718192021222324252627282930313233343536373839404142 |
- // Package transport implements functions for facilitating proper TLS-secured
- // communications for clients and servers.
- //
- // Clients should build an identity (of the core.identity) type, such as
- //
- // var id = &core.Identity{
- // Request: &csr.CertificateRequest{
- // CN: "localhost test certificate",
- // },
- // Profiles: map[string]map[string]string{
- // "paths": map[string]string{
- // "private_key": "client.key",
- // "certificate": "client.pem",
- // },
- // "cfssl": {
- // "label": "",
- // "profile": "client-ca",
- // "remote": "ca.example.net",
- // "auth-type": "standard",
- // "auth-key": "000102030405060708090a0b0c0d0e0f",
- // },
- // },
- // }
- //
- // The New function will return a transport built using the
- // NewKeyProvider and NewCA functions. These functions may be changed
- // by other packages to provide common key provider and CA
- // configurations. Clients can then use RefreshKeys (or launch
- // AutoUpdate in a goroutine) to ensure the certificate and key are
- // loaded and correct. The Listen and Dial functions then provide the
- // necessary connection support.
- //
- // The AutoUpdate function will handle automatic certificate
- // issuance. Servers and clients are not required to take any special
- // action when the certificate is updated: the key and certificate are
- // only used when establishing a connection, and therefore existing
- // connections are not affected---there is no need to reset or restart
- // any existing connections. Clients should run AutoUpdate if they
- // plan on making multiple connections or will be reconnecting; for a
- // one-off connection, it isn't necessary.
- package transport
|
