Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AbsTLSClient ¶
func AbsTLSClient(cfg *ClientTLSConfig, configDir string) error
AbsTLSClient makes TLS client files absolute
func GetClientTLSConfig ¶
func GetClientTLSConfig(cfg *ClientTLSConfig, csp core.CryptoSuite) (*tls.Config, error)
GetClientTLSConfig creates a tls.Config object from certs and roots
Types ¶
type ClientAuth ¶
type ClientAuth struct {
Type string `def:"noclientcert" help:"Policy the server will follow for TLS Client Authentication."`
CertFiles []string `help:"A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem)"`
}
ClientAuth defines the key material needed to verify client certificates
type ClientTLSConfig ¶
type ClientTLSConfig struct {
Enabled bool `skip:"true"`
CertFiles []string `help:"A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem)"`
Client KeyCertFiles
}
ClientTLSConfig defines the key material for a TLS client
type KeyCertFiles ¶
type KeyCertFiles struct {
KeyFile string `help:"PEM-encoded key file when mutual authentication is enabled"`
CertFile string `help:"PEM-encoded certificate file when mutual authenticate is enabled"`
}
KeyCertFiles defines the files need for client on TLS
type ServerTLSConfig ¶
type ServerTLSConfig struct {
Enabled bool `help:"Enable TLS on the listening port"`
CertFile string `def:"tls-cert.pem" help:"PEM-encoded TLS certificate file for server's listening port"`
KeyFile string `help:"PEM-encoded TLS key for server's listening port"`
ClientAuth ClientAuth
}
ServerTLSConfig defines key material for a TLS server
Source Files
Click to show internal directories.
Click to hide internal directories.