revoke

func (*RevokeManager) GenCRL ¶

func (m *RevokeManager) GenCRL(caFile, caKeyFile string, caCfg *config.Config, profile string, certPem []byte) (err error)

generate certificate revoke list cfssl gencrl INPUT-FILE CERT KEY TIME

func (*RevokeManager) InsertCert ¶

func (m *RevokeManager) InsertCert(certPem []byte) (serial string, err error)

x509 certificate PEM. 获取序列号> openssl x509 -in /path/from/cert_file -noout -serial -subject cfssl revoke -db-config config_file -serial serial -aki authority_key_id [-reason reason] cfssl revoke -ca ca.pem -config ca-config.json cert.pem > revoked.pem

func (*RevokeManager) IsCertRevoked ¶

func (m *RevokeManager) IsCertRevoked(certPem []byte) (revoked bool, err error)

x509 certificate PEM.

func (*RevokeManager) IsCertRevokedBySerial ¶

func (m *RevokeManager) IsCertRevokedBySerial(aki string, serial string) (revoked bool, err error)

func (*RevokeManager) RevokeCert ¶

func (m *RevokeManager) RevokeCert(certPem []byte) (err error)

x509 certificate PEM.

func (*RevokeManager) RevokeCertBySerial ¶

func (m *RevokeManager) RevokeCertBySerial(aki string, serial string) (err error)

func (*RevokeManager) SetDbAccessor ¶

func (m *RevokeManager) SetDbAccessor(dbAccessor certdb.Accessor)