Documentation
¶
Index ¶
Constants ¶
View Source
const ( // HTTPConfTLSCAFile the TLS certificate authority file for the HTTP server HTTPConfTLSCAFile = "caFile" // HTTPConfTLSCA the TLS certificate authority in PEM format, this option is ignored if HTTPConfTLSCAFile is also set HTTPConfTLSCA = "ca" // HTTPConfTLSCertFile the TLS certificate file for the HTTP server HTTPConfTLSCertFile = "certFile" // HTTPConfTLSCert the TLS certificate in PEM format, this option is ignored if HTTPConfTLSCertFile is also set HTTPConfTLSCert = "cert" // HTTPConfTLSClientAuth whether the HTTP server requires a mutual TLS connection HTTPConfTLSClientAuth = "clientAuth" // HTTPConfTLSEnabled whether TLS is enabled for the HTTP server HTTPConfTLSEnabled = "enabled" // HTTPConfTLSKeyFile the private key file for TLS on the server HTTPConfTLSKeyFile = "keyFile" // HTTPConfTLSKey the TLS certificate key in PEM format, this option is ignored if HTTPConfTLSKeyFile is also set HTTPConfTLSKey = "key" // HTTPConfTLSInsecureSkipHostVerify disables host verification - insecure (for dev only) HTTPConfTLSInsecureSkipHostVerify = "insecureSkipHostVerify" // HTTPConfTLSRequiredDNAttributes provides a set of regular expressions, to match against the DN of the client. Requires HTTPConfTLSClientAuth HTTPConfTLSRequiredDNAttributes = "requiredDNAttributes" )
Variables ¶
View Source
var SubjectDNKnownAttributes = map[string]func(pkix.Name) []string{ "C": func(n pkix.Name) []string { return n.Country }, "O": func(n pkix.Name) []string { return n.Organization }, "OU": func(n pkix.Name) []string { return n.OrganizationalUnit }, "CN": func(n pkix.Name) []string { if n.CommonName == "" { return []string{} } return []string{n.CommonName} }, "SERIALNUMBER": func(n pkix.Name) []string { if n.SerialNumber == "" { return []string{} } return []string{n.SerialNumber} }, "L": func(n pkix.Name) []string { return n.Locality }, "ST": func(n pkix.Name) []string { return n.Province }, "STREET": func(n pkix.Name) []string { return n.StreetAddress }, "POSTALCODE": func(n pkix.Name) []string { return n.PostalCode }, }
Functions ¶
func ConstructTLSConfig ¶
func InitTLSConfig ¶
Types ¶
type Config ¶ added in v1.4.0
type Config struct {
Enabled bool `ffstruct:"tlsconfig" json:"enabled"`
ClientAuth bool `ffstruct:"tlsconfig" json:"clientAuth,omitempty"`
CAFile string `ffstruct:"tlsconfig" json:"caFile,omitempty"`
CA string `ffstruct:"tlsconfig" json:"ca,omitempty"`
CertFile string `ffstruct:"tlsconfig" json:"certFile,omitempty"`
Cert string `ffstruct:"tlsconfig" json:"cert,omitempty"`
KeyFile string `ffstruct:"tlsconfig" json:"keyFile,omitempty"`
Key string `ffstruct:"tlsconfig" json:"key,omitempty"`
InsecureSkipHostVerify bool `ffstruct:"tlsconfig" json:"insecureSkipHostVerify"`
RequiredDNAttributes map[string]interface{} `ffstruct:"tlsconfig" json:"requiredDNAttributes,omitempty"`
}
func GenerateConfig ¶ added in v1.4.0
Source Files
Click to show internal directories.
Click to hide internal directories.