go-spiffe (v1) library

Deprecation Warning

NOTE: This version of the library will be deprecated soon.

The new v2 module is currently in alpha release and published under github.com/spiffe/go-spiffe/v2, following go module guidelines.

New code should consider using the v2 module.

See the v2 README for more details.

Overview

The go-spiffe project provides two components:

• a command-line utility to parse and verify SPIFFE identities encoded in X.509 certificates as described in the SPIFFE Standards.
• a client library that provides an interface to the SPIFFE Workload API.

Installing it

go get -u -v github.com/spiffe/go-spiffe

Importing it in your Go code

See the examples or visit the documentation for more information.

Installing the command line interface

The command line interface can be used to retrieve and view URIs stored in the SAN extension of certificates

go get -u -v github.com/spiffe/go-spiffe/cmd/spiffe
spiffe testdata/leaf.cert.pem $HOME/certs/proj.pem
Path:: #1: "testdata/leaf.cert.pem"
  URI #1: "spiffe://dev.acme.com/path/service"