Home | History | Annotate | Download | only in tls

Lines Matching refs:Certificate

110 // Certificate types (for certificateRequestMsg)
112 	certTypeRSASign    = 1 // A certificate containing an RSA key
113 	certTypeDSSSign    = 2 // A certificate containing a DSA key
114 	certTypeRSAFixedDH = 3 // A certificate containing a static DH key
115 	certTypeDSSFixedDH = 4 // A certificate containing a static DH key
118 	certTypeECDSASign      = 64 // A certificate containing an ECDSA-capable public key, signed with ECDSA.
119 	certTypeRSAFixedECDH   = 65 // A certificate containing an ECDH-capable public key, signed with RSA.
120 	certTypeECDSAFixedECDH = 66 // A certificate containing an ECDH-capable public key, signed with ECDSA.
165 	PeerCertificates            []*x509.Certificate   // certificate chain presented by remote peer
166 	VerifiedChains              [][]*x509.Certificate // verified chains built from PeerCertificates
198 	serverCertificates []*x509.Certificate   // Certificate chain presented by the server
199 	verifiedChains     [][]*x509.Certificate // Certificate chains we built for verification
216 // guide certificate selection in the GetCertificate callback.
256 	// Certificates contains one or more certificate chains
258 	// Server configurations must include at least one certificate.
259 	Certificates []Certificate
261 	// NameToCertificate maps from a certificate name to an element of
262 	// Certificates. Note that a certificate name can be of the form
267 	NameToCertificate map[string]*Certificate
269 	// GetCertificate returns a Certificate based on the given
273 	// If GetCertificate is nil or returns nil, then the certificate is
276 	GetCertificate func(clientHello *ClientHelloInfo) (*Certificate, error)
278 	// RootCAs defines the set of root certificate authorities
295 	// ClientCAs defines the set of root certificate authorities
296 	// that servers use if required to verify a client certificate
301 	// server's certificate chain and host name.
302 	// If InsecureSkipVerify is true, TLS accepts any certificate
303 	// presented by the server and any host name in that certificate.
499 // getCertificate returns the best certificate for the given ClientHelloInfo,
501 func (c *Config) getCertificate(clientHello *ClientHelloInfo) (*Certificate, error) {
539 	// If nothing matches, return the first certificate.
547 	c.NameToCertificate = make(map[string]*Certificate)
550 		x509Cert, err := x509.ParseCertificate(cert.Certificate[0])
563 // A Certificate is a chain of one or more certificates, leaf first.
564 type Certificate struct {
565 	Certificate [][]byte
576 	// Certificate Timestamps which will be served to clients that request it.
578 	// Leaf is the parsed form of the leaf certificate, which may be
581 	// leaf certificate will be parsed as needed.
582 	Leaf *x509.Certificate