Lines Matching refs:Certificate
110 // Certificate types (for certificateRequestMsg)
112 certTypeRSASign = 1 // A certificate containing an RSA key
113 certTypeDSSSign = 2 // A certificate containing a DSA key
114 certTypeRSAFixedDH = 3 // A certificate containing a static DH key
115 certTypeDSSFixedDH = 4 // A certificate containing a static DH key
118 certTypeECDSASign = 64 // A certificate containing an ECDSA-capable public key, signed with ECDSA.
119 certTypeRSAFixedECDH = 65 // A certificate containing an ECDH-capable public key, signed with RSA.
120 certTypeECDSAFixedECDH = 66 // A certificate containing an ECDH-capable public key, signed with ECDSA.
165 PeerCertificates []*x509.Certificate // certificate chain presented by remote peer
166 VerifiedChains [][]*x509.Certificate // verified chains built from PeerCertificates
198 serverCertificates []*x509.Certificate // Certificate chain presented by the server
199 verifiedChains [][]*x509.Certificate // Certificate chains we built for verification
216 // guide certificate selection in the GetCertificate callback.
256 // Certificates contains one or more certificate chains
258 // Server configurations must include at least one certificate.
259 Certificates []Certificate
261 // NameToCertificate maps from a certificate name to an element of
262 // Certificates. Note that a certificate name can be of the form
267 NameToCertificate map[string]*Certificate
269 // GetCertificate returns a Certificate based on the given
273 // If GetCertificate is nil or returns nil, then the certificate is
276 GetCertificate func(clientHello *ClientHelloInfo) (*Certificate, error)
278 // RootCAs defines the set of root certificate authorities
295 // ClientCAs defines the set of root certificate authorities
296 // that servers use if required to verify a client certificate
301 // server's certificate chain and host name.
302 // If InsecureSkipVerify is true, TLS accepts any certificate
303 // presented by the server and any host name in that certificate.
499 // getCertificate returns the best certificate for the given ClientHelloInfo,
501 func (c *Config) getCertificate(clientHello *ClientHelloInfo) (*Certificate, error) {
539 // If nothing matches, return the first certificate.
547 c.NameToCertificate = make(map[string]*Certificate)
550 x509Cert, err := x509.ParseCertificate(cert.Certificate[0])
563 // A Certificate is a chain of one or more certificates, leaf first.
564 type Certificate struct {
565 Certificate [][]byte
576 // Certificate Timestamps which will be served to clients that request it.
578 // Leaf is the parsed form of the leaf certificate, which may be
581 // leaf certificate will be parsed as needed.
582 Leaf *x509.Certificate