Package tls provides Benthos configuration fields and wrappers for a crypto/tls config.



const Documentation = `### TLS

Custom TLS settings can be used to override system defaults. This includes
providing a collection of root certificate authorities, providing a list of
client certificates to use for client verification and skipping certificate

Client certificates can either be added by file or by raw contents:

` + "``` yaml" + `
enabled: true
  - cert_file: ./example.pem
    key_file: ./example.key
  - cert: foo
    key: bar
` + "```" + ``

Documentation is a markdown description of how and why to use TLS settings.


type ClientCertConfig added in v0.27.0

type ClientCertConfig struct {
	CertFile string `json:"cert_file" yaml:"cert_file"`
	KeyFile  string `json:"key_file" yaml:"key_file"`
	Cert     string `json:"cert" yaml:"cert"`
	Key      string `json:"key" yaml:"key"`

ClientCertConfig contains config fields for a client certificate.

func (*ClientCertConfig) Load added in v0.30.0

func (c *ClientCertConfig) Load() (tls.Certificate, error)

Load returns a TLS certificate, based on either file paths in the config or the raw certs as strings.

type Config

type Config struct {
	Enabled            bool               `json:"enabled" yaml:"enabled"`
	RootCAsFile        string             `json:"root_cas_file" yaml:"root_cas_file"`
	InsecureSkipVerify bool               `json:"skip_cert_verify" yaml:"skip_cert_verify"`
	ClientCertificates []ClientCertConfig `json:"client_certs" yaml:"client_certs"`

Config contains configuration params for TLS.

func NewConfig

func NewConfig() Config

NewConfig creates a new Config with default values.

func (*Config) Get

func (c *Config) Get() (*tls.Config, error)

Get returns a valid *tls.Config based on the configuration values of Config.

