Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type TLSClientSetting ¶
type TLSClientSetting struct { TLSSetting `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct // In gRPC when set to true, this is used to disable the client transport security. // See https://godoc.org/google.golang.org/grpc#WithInsecure. // In HTTP, this disables verifying the server's certificate chain and host name // (InsecureSkipVerify in the tls Config). Please refer to // https://godoc.org/crypto/tls#Config for more information. // (optional, default false) // TODO(ccaraman): With further research InsecureSkipVerify is a valid option // for gRPC connections. Add that ability to the TLSClientSettings in a subsequent // pr. Insecure bool `mapstructure:"insecure"` // ServerName requested by client for virtual hosting. // This sets the ServerName in the TLSConfig. Please refer to // https://godoc.org/crypto/tls#Config for more information. (optional) ServerName string `mapstructure:"server_name_override"` }
TLSClientSetting contains TLS configurations that are specific to client connections in addition to the common configurations. This should be used by components configuring TLS client connections.
func (TLSClientSetting) LoadTLSConfig ¶ added in v0.5.0
func (c TLSClientSetting) LoadTLSConfig() (*tls.Config, error)
type TLSServerSetting ¶ added in v0.5.0
type TLSServerSetting struct { TLSSetting `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct // Path to the TLS cert to use by the server to verify a client certificate. (optional) // This sets the ClientCAs and ClientAuth to RequireAndVerifyClientCert in the TLSConfig. Please refer to // https://godoc.org/crypto/tls#Config for more information. (optional) ClientCAFile string `mapstructure:"client_ca_file"` }
TLSServerSetting contains TLS configurations that are specific to server connections in addition to the common configurations. This should be used by components configuring TLS server connections.
func (TLSServerSetting) LoadTLSConfig ¶ added in v0.5.0
func (c TLSServerSetting) LoadTLSConfig() (*tls.Config, error)
type TLSSetting ¶
type TLSSetting struct { // Path to the CA cert. For a client this verifies the server certificate. // For a server this verifies client certificates. If empty uses system root CA. // (optional) CAFile string `mapstructure:"ca_file"` // Path to the TLS cert to use for TLS required connections. (optional) CertFile string `mapstructure:"cert_file"` // Path to the TLS key to use for TLS required connections. (optional) KeyFile string `mapstructure:"key_file"` }
TLSSetting exposes the common client and server TLS configurations. Note: Since there isn't anything specific to a server connection. Components with server connections should use TLSSetting.
Click to show internal directories.
Click to hide internal directories.