tls

package

v1.300051.0 Latest Latest Go to latest Published: Dec 11, 2024 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/aws/amazon-cloudwatch-agent

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type CertWatcher
- func NewCertWatcher(certPath, keyPath, caPath string, logger *zap.Logger) (*CertWatcher, error)
type ClientConfig
- func (c *ClientConfig) TLSConfig() (*tls.Config, error)
type ServerConfig
- func (c *ServerConfig) TLSConfig() (*tls.Config, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var NewCertWatcherFunc = NewCertWatcher

Functions ¶

This section is empty.

Types ¶

type CertWatcher ¶ added in v1.300049.0

type CertWatcher struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

CertWatcher watches certificate and key files for changes. When either file changes, it reads and parses both and calls an optional callback with the new certificate.

func NewCertWatcher ¶ added in v1.300049.0

func NewCertWatcher(certPath, keyPath, caPath string, logger *zap.Logger) (*CertWatcher, error)

NewCertWatcher returns a new CertWatcher watching the given server certificate and client certificate.

func (*CertWatcher) GetTLSConfig ¶ added in v1.300049.0

func (cw *CertWatcher) GetTLSConfig() *tls.Config

GetTLSConfig fetches the currently loaded tls Config, which may be nil.

func (*CertWatcher) ReadTlsConfig ¶ added in v1.300049.0

func (cw *CertWatcher) ReadTlsConfig() error

func (*CertWatcher) RegisterCallback ¶ added in v1.300049.0

func (cw *CertWatcher) RegisterCallback(callback func())

RegisterCallback registers a callback to be invoked when the certificate changes.

func (*CertWatcher) Start ¶ added in v1.300049.0

func (cw *CertWatcher) Start(ctx context.Context) error

Start starts the watch on the certificate and key files.

func (*CertWatcher) Watch ¶ added in v1.300049.0

func (cw *CertWatcher) Watch()

Watch reads events from the watcher's channel and reacts to changes.

type ClientConfig ¶

type ClientConfig struct {
	TLSCA              string `toml:"tls_ca"`
	TLSCert            string `toml:"tls_cert"`
	TLSKey             string `toml:"tls_key"`
	InsecureSkipVerify bool   `toml:"insecure_skip_verify"`

	// Deprecated in 1.7; use TLS variables above
	SSLCA   string `toml:"ssl_ca"`
	SSLCert string `toml:"ssl_cert"`
	SSLKey  string `toml:"ssl_key"`
}

ClientConfig represents the standard client TLS config.

func (*ClientConfig) TLSConfig ¶

func (c *ClientConfig) TLSConfig() (*tls.Config, error)

TLSConfig returns a tls.Config, may be nil without error if TLS is not configured.

type ServerConfig ¶

type ServerConfig struct {
	TLSCert           string   `toml:"tls_cert"`
	TLSKey            string   `toml:"tls_key"`
	TLSAllowedCACerts []string `toml:"tls_allowed_cacerts"`
}

ServerConfig represents the standard server TLS config.

func (*ServerConfig) TLSConfig ¶

func (c *ServerConfig) TLSConfig() (*tls.Config, error)

TLSConfig returns a tls.Config, may be nil without error if TLS is not configured.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL