import { type AgentTLSCertificateResponse } from '../lib/api.js'; import { type TLSConfig } from '../lib/config/types.js'; /** * Check if TLS is enabled in config */ export declare function isTLSEnabled(): boolean; /** * Get TLS config with defaults - exported for use by daemon */ export declare function getTLSConfig(): Required> & TLSConfig; /** * Set callback for when certificate is updated (for HTTPS server hot-reload) */ export declare function onCertificateUpdated(callback: (certPath: string, keyPath: string) => void): void; /** * Start the TLS certificate manager service */ export declare function startTLSCertificateManager(): Promise; /** * Ensure TLS certificate is ready (fetched from vault if needed) * This starts the TLS manager and waits for the certificate to be available. * Returns the cert paths for use by HTTPS server. */ export declare function ensureCertificateReady(): Promise<{ certPath: string; keyPath: string; httpsPort: number; keepHttpServer: boolean; } | null>; /** * Stop the TLS certificate manager service */ export declare function stopTLSCertificateManager(): void; /** * Force immediate certificate renewal */ export declare function forceRenewal(): Promise; /** * Get current TLS manager status */ export declare function getTLSManagerStatus(): { isRunning: boolean; tlsEnabled: boolean; certExpiresAt: string | null; daysUntilExpiry: number | null; lastCheckAt: string | null; lastRenewalAt: string | null; agentTlsCertId: string | null; certPath: string; keyPath: string; }; //# sourceMappingURL=tls-certificate-manager.d.ts.map