Back to

Package configtls

Latest Go to latest
Published: Jun 16, 2020 | License: Apache-2.0 | Module:


Package Files

type TLSClientSetting

type TLSClientSetting struct {
	TLSSetting `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct

	// In gRPC when set to true, this is used to disable the client transport security.
	// See
	// In HTTP, this disables verifying the server's certificate chain and host name
	// (InsecureSkipVerify in the tls Config). Please refer to
	// for more information.
	// (optional, default false)
	// TODO(ccaraman): With further research InsecureSkipVerify is a valid option
	// for gRPC connections. Add that ability to the TLSClientSettings in a subsequent
	// pr.
	Insecure bool `mapstructure:"insecure"`
	// ServerName requested by client for virtual hosting.
	// This sets the ServerName in the TLSConfig. Please refer to
	// for more information. (optional)
	ServerName string `mapstructure:"server_name_override"`

TLSClientSetting contains TLS configurations that are specific to client connections in addition to the common configurations. This should be used by components configuring TLS client connections.

func (TLSClientSetting) LoadgRPCTLSClientCredentials

func (c TLSClientSetting) LoadgRPCTLSClientCredentials() (grpc.DialOption, error)

type TLSSetting

type TLSSetting struct {
	// Path to the CA cert. For a client this verifies the server certificate.
	// For a server this verifies client certificates. If empty uses system root CA.
	// (optional)
	CAFile string `mapstructure:"ca_file"`
	// Path to the TLS cert to use for TLS required connections. (optional)
	CertFile string `mapstructure:"cert_file"`
	// Path to the TLS key to use for TLS required connections. (optional)
	KeyFile string `mapstructure:"key_file"`

TLSSetting exposes the common client and server TLS configurations. Note: Since there isn't anything specific to a server connection. Components with server connections should use TLSSetting.

func (TLSSetting) LoadTLSConfig

func (c TLSSetting) LoadTLSConfig() (*tls.Config, error)

LoadTLSConfig loads TLS certificates and returns a tls.Config. This will set the RootCAs and Certificates of a tls.Config.

func (TLSSetting) LoadgRPCTLSServerCredentials

func (c TLSSetting) LoadgRPCTLSServerCredentials() (grpc.ServerOption, error)
Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier