Sebastiaan van Stijn 8d25f25515 certdb/sql: remove uses of github.com/stretchr/testify/require | %!s(int64=2) %!d(string=hai) anos | |
---|---|---|
.. | ||
dbconf | %!s(int64=2) %!d(string=hai) anos | |
mysql | %!s(int64=4) %!d(string=hai) anos | |
ocspstapling | %!s(int64=2) %!d(string=hai) anos | |
pg | %!s(int64=2) %!d(string=hai) anos | |
sql | hai 1 ano | |
sqlite | %!s(int64=4) %!d(string=hai) anos | |
testdb | %!s(int64=2) %!d(string=hai) anos | |
README.md | %!s(int64=5) %!d(string=hai) anos | |
certdb.go | %!s(int64=2) %!d(string=hai) anos |
Using a database enables additional functionality for existing commands when a db config is provided:
sign
and gencert
add a certificate to the certdb after signing itserve
enables database functionality for the sign and revoke endpointsA database is required for the following:
revoke
marks certificates revoked in the database with an optional reasonocsprefresh
refreshes the table of cached OCSP responsesocspdump
outputs cached OCSP responses in a concatenated base64-encoded formatThis directory stores goose db migration scripts for various DB backends. Currently supported:
go get bitbucket.org/liamstask/goose/cmd/goose
To start a MySQL using goose:
goose -path certdb/mysql up
To tear down a MySQL DB using goose
goose -path certdb/mysql down
Note: the administration of MySQL DB is not included. We assume the databases being connected to are already created and access control is properly handled.
To start a PostgreSQL using goose:
goose -path certdb/pg up
To tear down a PostgreSQL DB using goose
goose -path certdb/pg down
Note: the administration of PostgreSQL DB is not included. We assume the databases being connected to are already created and access control is properly handled.
To start a SQLite DB using goose:
goose -path certdb/sqlite up
To tear down a SQLite DB using goose
goose -path certdb/sqlite down
Several cfssl commands take a -db-config flag. Create a file with a JSON dictionary:
{"driver":"sqlite3","data_source":"certs.db"}
or
{"driver":"postgres","data_source":"postgres://user:password@host/db"}
or
{"driver":"mysql","data_source":"user:password@tcp(hostname:3306)/db?parseTime=true"}