ZeroSSLIssuer can get certificates from ZeroSSL's API. (To use ZeroSSL's ACME endpoint, use the ACMEIssuer instead.) Note that use of the API is restricted by payment tier.
| 35 | // endpoint, use the ACMEIssuer instead.) Note that use of the API is restricted |
| 36 | // by payment tier. |
| 37 | type ZeroSSLIssuer struct { |
| 38 | // The API key (or "access key") for using the ZeroSSL API. |
| 39 | // REQUIRED. |
| 40 | APIKey string |
| 41 | |
| 42 | // Where to store verification material temporarily. |
| 43 | // All instances in a cluster should have the same |
| 44 | // Storage value to enable distributed verification. |
| 45 | // REQUIRED. (TODO: Make it optional for those not |
| 46 | // operating in a cluster. For now, it's simpler to |
| 47 | // put info in storage whether distributed or not.) |
| 48 | Storage Storage |
| 49 | |
| 50 | // How many days the certificate should be valid for. |
| 51 | ValidityDays int |
| 52 | |
| 53 | // The host to bind to when opening a listener for |
| 54 | // verifying domain names (or IPs). |
| 55 | ListenHost string |
| 56 | |
| 57 | // If HTTP is forwarded from port 80, specify the |
| 58 | // forwarded port here. |
| 59 | AltHTTPPort int |
| 60 | |
| 61 | // To use CNAME validation instead of HTTP |
| 62 | // validation, set this field. |
| 63 | CNAMEValidation *DNSManager |
| 64 | |
| 65 | // Delay between poll attempts. |
| 66 | PollInterval time.Duration |
| 67 | |
| 68 | // An optional (but highly recommended) logger. |
| 69 | Logger *zap.Logger |
| 70 | } |
| 71 | |
| 72 | // Issue obtains a certificate for the given csr. |
| 73 | func (iss *ZeroSSLIssuer) Issue(ctx context.Context, csr *x509.CertificateRequest) (*IssuedCertificate, error) { |
nothing calls this directly
no outgoing calls
no test coverage detected