agent/pkg/certs

Certificate management package for creating and extracting certificate archives.

Overview

This package provides utilities for packaging SSL certificates into ZIP archives and extracting them. It is used by the GoDoxy Agent to distribute certificates to clients in a convenient format.

Architecture

Public Functions

ZipCert

func ZipCert(ca, crt, key []byte) ([]byte, error)

Creates a ZIP archive containing three PEM files:

• ca.pem - CA certificate
• cert.pem - Server/client certificate
• key.pem - Private key

Parameters:

• ca - CA certificate in PEM format
• crt - Certificate in PEM format
• key - Private key in PEM format

Returns:

• ZIP archive bytes
• Error if packing fails

ExtractCert

func ExtractCert(data []byte) (ca, crt, key []byte, err error)

Extracts certificates from a ZIP archive created by ZipCert.

Parameters:

• data - ZIP archive bytes

Returns:

• ca - CA certificate bytes
• crt - Certificate bytes
• key - Private key bytes
• Error if extraction fails

AgentCertsFilepath

func AgentCertsFilepath(host string) (filepathOut string, ok bool)

Generates the file path for storing agent certificates.

Parameters:

• host - Agent hostname

Returns:

• Full file path within certs/ directory
• false if host is invalid (contains path separators or special characters)

isValidAgentHost

func isValidAgentHost(host string) bool

Validates that a host string is safe for use in file paths.

Constants

const AgentCertsBasePath = "certs"

Base directory for storing certificate archives.

File Format

The ZIP archive uses zip.Store compression (no compression) for fast creation and extraction. Each file is stored with its standard name (ca.pem, cert.pem, key.pem).