Documentation ¶
Overview ¶
This file contains CLI and env TLS configurations that can be used by clients or servers
Index ¶
Constants ¶
const ( TLSCaCertFlagName = "tls.ca" TLSCertFlagName = "tls.cert" TLSKeyFlagName = "tls.key" )
Variables ¶
This section is empty.
Functions ¶
func CLIFlags ¶
func CLIFlags(envPrefix string) []cli.Flag
CLIFlags returns flags with env var envPrefix This should be used for server TLS configs, or when client and server tls configs are the same
func CLIFlagsWithFlagPrefix ¶
CLIFlagsWithFlagPrefix returns flags with env var and cli flag prefixes Should be used for client TLS configs when different from server on the same process
func NewPeerTLSMiddleware ¶
NewPeerTLSMiddleware returns an http.Handler that extracts the peer's certificate data into PeerTLSInfo and attaches it to the request-scoped context. PeerTLSInfo will only be populated if the http.Server is listening with ListenAndServeTLS This is useful for ethereum-go/rpc endpoints because the http.Request object isn't accessible in the registered service.
Types ¶
type CLIConfig ¶
func ReadCLIConfig ¶
func ReadCLIConfig(ctx *cli.Context) CLIConfig
ReadCLIConfig reads tls cli configs This should be used for server TLS configs, or when client and server tls configs are the same
func ReadCLIConfigWithPrefix ¶
ReadCLIConfigWithPrefix reads tls cli configs with flag prefix Should be used for client TLS configs when different from server on the same process
func (CLIConfig) TLSEnabled ¶
type PeerTLSInfo ¶
type PeerTLSInfo struct {
LeafCertificate *x509.Certificate
}
PeerTLSInfo contains request-scoped peer certificate data It can be used by downstream http.Handlers to authorize access for TLS-authenticated clients
func PeerTLSInfoFromContext ¶
func PeerTLSInfoFromContext(ctx context.Context) PeerTLSInfo
PeerTLSInfoFromContext extracts PeerTLSInfo from the context Result will only be populated if NewPeerTLSMiddleware has been added to the handler stack.