Added env based support for HTTPS connection (#4706)
* Added env based support for HTTPS connection Signed-off-by: Saranya-jena <[email protected]> * resolved review comments Signed-off-by: Saranya-jena <[email protected]> * updated logic Signed-off-by: Saranya-jena <[email protected]> * fixed importd Signed-off-by: Saranya-jena <[email protected]> * added helper files Signed-off-by: Saranya-jena <[email protected]> * resolved comments Signed-off-by: Saranya-jena <[email protected]> * resolved comments Signed-off-by: Saranya-jena <[email protected]> * Update push.yml * minor changes Signed-off-by: Saranya-jena <[email protected]> * minor changes Signed-off-by: Saranya-jena <[email protected]> * minor changes Signed-off-by: Saranya-jena <[email protected]> * minor changes Signed-off-by: Saranya-jena <[email protected]> * minor changes Signed-off-by: Saranya-jena <[email protected]> * Update push.yml * updated oush.yam Signed-off-by: Saranya-jena <[email protected]> * updated manifest Signed-off-by: Saranya-jena <[email protected]> --------- Signed-off-by: Saranya-jena <[email protected]> Co-authored-by: Namkyu Park <[email protected]>
1 parent
a00691f
commit 9f4fe25
Showing
12 changed files
with
359 additions
and
5 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
subjectAltName=DNS:*.someclient.com,IP:0.0.0.0,DNS:localhost |
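Review bot: The `IP:0.0.0.0` entry in this SAN list will not help clients that dial the server by its real address, because an IP SAN is compared exactly with the address the client connects to. `*.someclient.com` also reads like a placeholder, and a certificate issued from this file would be valid for every host under that domain. If this file is only a sample for generating test certificates, a comment or README line saying so and listing the names to substitute would keep it from being used as is; the file's path is not visible in this view, so that is an assumption.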
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
package utils | ||
|
||
import ( | ||
"crypto/tls" | ||
"crypto/x509" | ||
"os" | ||
|
||
log "github.com/sirupsen/logrus" | ||
) | ||
|
||
func GetTlsConfig(certPath string, keyPath string, isServerConfig bool) *tls.Config { | ||
|
||
// read ca's cert, verify to client's certificate | ||
caPem, err := os.ReadFile(Config.CaCertPath) | ||
if err != nil { | ||
log.Fatal(err) | ||
} | ||
|
||
// create cert pool and append ca's cert | ||
certPool := x509.NewCertPool() | ||
if !certPool.AppendCertsFromPEM(caPem) { | ||
log.Fatal(err) | ||
} | ||
|
||
// read server cert & key | ||
cert, err := tls.LoadX509KeyPair(certPath, keyPath) | ||
if err != nil { | ||
log.Fatal(err) | ||
} | ||
|
||
config := &tls.Config{ | ||
Certificates: []tls.Certificate{cert}, | ||
RootCAs: certPool, | ||
} | ||
|
||
if isServerConfig { | ||
// configuring TLS config based on provided certificates & keys to | ||
conf := &tls.Config{ | ||
Certificates: []tls.Certificate{cert}, | ||
ClientAuth: tls.RequireAndVerifyClientCert, | ||
ClientCAs: certPool, | ||
} | ||
return conf | ||
} | ||
|
||
return config | ||
} |
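Review bot: When `AppendCertsFromPEM` returns false, the `log.Fatal(err)` that follows logs a nil error, because `err` was already checked after `os.ReadFile`; the process exits without saying that the CA file held no usable certificate. Something like `log.Fatalf("no CA certificate could be parsed from %s", Config.CaCertPath)` would make the failure diagnosable. Neither `tls.Config` literal sets a minimum protocol version, so the floor depends on the Go toolchain's default; adding `MinVersion: tls.VersionTLS12,` to both pins it. As a smaller point, the client `config` is built even when `isServerConfig` is true, and returning an `error` instead of calling `log.Fatal` from a helper would let callers decide how to fail.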