Documentation
¶
Index ¶
Constants ¶
View Source
const Type = "tls"
Type should match the package name
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Checker ¶
type Checker struct {
// Name is the name of the endpoint.
Name string `json:"endpoint_name"`
// URL is the host:port of the remote endpoint to check.
URL string `json:"endpoint_url"`
// Timeout is the maximum time to wait for a
// TLS connection to be established.
Timeout time.Duration `json:"timeout,omitempty"`
// ThresholdRTT is the maximum round trip time to
// allow for a healthy endpoint. If non-zero and a
// request takes longer than ThresholdRTT, the
// endpoint will be considered unhealthy. Note that
// this duration includes any in-between network
// latency.
ThresholdRTT time.Duration `json:"threshold_rtt,omitempty"`
// Attempts is how many requests the client will
// make to the endpoint in a single check.
Attempts int `json:"attempts,omitempty"`
// CertExpiryThreshold is how close to expiration
// the TLS certificate must be before declaring
// a degraded status. Default is 14 days.
CertExpiryThreshold time.Duration `json:"cert_expiry_threshold,omitempty"`
// TrustedRoots is a list of PEM files to load as
// trusted root CAs when connecting to TLS remotes.
TrustedRoots []string `json:"trusted_roots,omitempty"`
// contains filtered or unexported fields
}
Checker implements a Checker for TLS endpoints.
TODO: Implement more checks on the certificate and TLS configuration.
- Cipher suites
- Protocol versions
- OCSP stapling
- Multiple SNIs
- Other things that you might see at SSL Labs or other TLS health checks
func New ¶
func New(config json.RawMessage) (Checker, error)
New creates a new Checker instance based on json config
Source Files
Click to show internal directories.
Click to hide internal directories.