Documentation ¶
Index ¶
- func CaCreate(cmd *cmdr.Command, args []string) (err error)
- func CertCreate(cmd *cmdr.Command, args []string) (err error)
- type CmdrTLSConfig
- func (s *CmdrTLSConfig) Dial(network, addr string) (conn net.Conn, err error)
- func (s *CmdrTLSConfig) InitTLSConfigFromCommandline(prefix string)
- func (s *CmdrTLSConfig) InitTLSConfigFromConfigFile(appTag, prefix string)
- func (s *CmdrTLSConfig) IsCertValid() bool
- func (s *CmdrTLSConfig) IsClientAuthEnabled() bool
- func (s *CmdrTLSConfig) IsServerCertValid() bool
- func (s *CmdrTLSConfig) NewTLSListener(l net.Listener) (listener net.Listener, err error)
- func (s *CmdrTLSConfig) ToServerTLSConfig() (config *tls.Config)
- func (s *CmdrTLSConfig) ToTLSConfig() (config *tls.Config)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type CmdrTLSConfig ¶
type CmdrTLSConfig struct {
    Enabled       bool
    Cacert        string // server-side: optional server's CA; client-side: client's CA
    ServerCert    string // client-side: the server's cert
    Cert          string // server-side: server's cert bundle; client-side: client's cert
    Key           string // server-side: server's key; client-side: client's key
    ClientAuth    bool
    MinTLSVersion uint16
}
CmdrTLSConfig wraps the certificates. On the server side, the `Cert` field must be a bundle of the server certificates together with the whole chain of root CAs. On the server side, `Cacert` is optional and is used for extra client CAs.
func NewCmdrTLSConfig ¶
func NewCmdrTLSConfig(appTag, prefixInConfigFile, prefixInCommandline string) *CmdrTLSConfig
NewCmdrTLSConfig builds the *CmdrTLSConfig object from the cmdr config file and the cmdr command-line arguments.
func (*CmdrTLSConfig) Dial ¶
func (s *CmdrTLSConfig) Dial(network, addr string) (conn net.Conn, err error)
Dial connects to the given network address using net.Dial and then initiates a TLS handshake, returning the resulting TLS connection.
Dial interprets a nil configuration as equivalent to the zero configuration; see the documentation of Config for the defaults.
func (*CmdrTLSConfig) InitTLSConfigFromCommandline ¶
func (s *CmdrTLSConfig) InitTLSConfigFromCommandline(prefix string)
InitTLSConfigFromCommandline loads the parsed command-line arguments into *CmdrTLSConfig.
func (*CmdrTLSConfig) InitTLSConfigFromConfigFile ¶
func (s *CmdrTLSConfig) InitTLSConfigFromConfigFile(appTag, prefix string)
InitTLSConfigFromConfigFile loads the CmdrTLSConfig members from the cmdr config file.
The entries in the config file look like:
    prefix := "my-service.server.tls"

    tls:
      enabled: true
      cacert: root.pem
      cert: cert.pem
      key: cert.key
      locations:
        - ./ci/certs
        - $CFG_DIR/certs
func (*CmdrTLSConfig) IsCertValid ¶
func (s *CmdrTLSConfig) IsCertValid() bool
IsCertValid checks that the cert and privateKey are present.
func (*CmdrTLSConfig) IsClientAuthEnabled ¶
func (s *CmdrTLSConfig) IsClientAuthEnabled() bool
IsClientAuthEnabled checks whether client-side authentication is enabled.
func (*CmdrTLSConfig) IsServerCertValid ¶
func (s *CmdrTLSConfig) IsServerCertValid() bool
IsServerCertValid checks that the server or CA cert is present.
func (*CmdrTLSConfig) NewTLSListener ¶
NewTLSListener builds a net.Listener, in TLS mode or not.
func (*CmdrTLSConfig) ToServerTLSConfig ¶
func (s *CmdrTLSConfig) ToServerTLSConfig() (config *tls.Config)
ToServerTLSConfig builds a tls.Config object for server.Serve.
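As an added illustration (standard library only, not this package's implementation), the sketch below shows how server-side `Cert`, `Key`, `Cacert`, `ClientAuth` and `MinTLSVersion` style inputs can be mapped onto a crypto/tls server configuration. The names `serverConfig` and `selfSigned` are hypothetical, the certificate is constructed at run time, and both the TLS 1.2 floor and the refusal to enable client auth without a usable client CA are assumptions made for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// selfSigned returns a constructed, throwaway CA-capable cert and key in PEM form.
func selfSigned() (certPEM, keyPEM []byte) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(),
		NotAfter: time.Now().Add(time.Hour), IsCA: true, BasicConstraintsValid: true}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, &key.PublicKey, key)
	kb, _ := x509.MarshalECPrivateKey(key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}),
		pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: kb})
}

// serverConfig (hypothetical) turns PEM inputs and flags into a server *tls.Config.
func serverConfig(cert, key, cacert []byte, clientAuth bool, minVer uint16) (*tls.Config, error) {
	pair, err := tls.X509KeyPair(cert, key)
	if err != nil {
		return nil, err
	}
	if minVer < tls.VersionTLS12 {
		minVer = tls.VersionTLS12 // assumption: floor an unset or legacy version at TLS 1.2
	}
	cfg := &tls.Config{Certificates: []tls.Certificate{pair}, MinVersion: minVer}
	if clientAuth {
		pool := x509.NewCertPool()
		if !pool.AppendCertsFromPEM(cacert) { // fail closed: no CA means no way to verify clients
			return nil, fmt.Errorf("client auth enabled but no usable client CA")
		}
		cfg.ClientCAs, cfg.ClientAuth = pool, tls.RequireAndVerifyClientCert
	}
	return cfg, nil
}

func main() {
	c, k := selfSigned()
	_, err := serverConfig(c, k, nil, true, 0)
	fmt.Println("client auth without CA:", err)
}
```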
func (*CmdrTLSConfig) ToTLSConfig ¶
func (s *CmdrTLSConfig) ToTLSConfig() (config *tls.Config)
ToTLSConfig converts to *tls.Config