tls

package
v1.4.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 19, 2020 License: Apache-2.0 Imports: 9 Imported by: 88

Documentation

Index

Constants

This section is empty.

Variables

DefaultCipherSuites is a set of strong TLS cipher suites

Functions

func AbsTLSClient

func AbsTLSClient(cfg *ClientTLSConfig, configDir string) error

AbsTLSClient makes TLS client files absolute

func AbsTLSServer

func AbsTLSServer(cfg *ServerTLSConfig, configDir string) error

AbsTLSServer makes TLS client files absolute

func GetClientTLSConfig

func GetClientTLSConfig(cfg *ClientTLSConfig, csp bccsp.BCCSP) (*tls.Config, error)

GetClientTLSConfig creates a tls.Config object from certs and roots

Types

type ClientAuth

type ClientAuth struct {
	Type      string   `def:"noclientcert" help:"Policy the server will follow for TLS Client Authentication."`
	CertFiles []string `help:"A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem)"`
}

ClientAuth defines the key material needed to verify client certificates

type ClientTLSConfig

type ClientTLSConfig struct {
	Enabled   bool     `skip:"true"`
	CertFiles []string `help:"A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem)"`
	Client    KeyCertFiles
}

ClientTLSConfig defines the key material for a TLS client

type KeyCertFiles

type KeyCertFiles struct {
	KeyFile  string `help:"PEM-encoded key file when mutual authentication is enabled"`
	CertFile string `help:"PEM-encoded certificate file when mutual authenticate is enabled"`
}

KeyCertFiles defines the files need for client on TLS

type ServerTLSConfig

type ServerTLSConfig struct {
	Enabled    bool   `help:"Enable TLS on the listening port"`
	CertFile   string `def:"tls-cert.pem" help:"PEM-encoded TLS certificate file for server's listening port"`
	KeyFile    string `help:"PEM-encoded TLS key for server's listening port"`
	ClientAuth ClientAuth
}

ServerTLSConfig defines key material for a TLS server

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL