Documentation ¶
Index ¶
- func NewDynamicTLSClientConfig(getCert func() (*tls.Certificate, error), rootCAs *x509.CertPool, ...) *tls.Config
- func NewEmptyTLSConfig() *tls.Config
- func NewTLSConfigForServer(serverName string, enableHostVerification bool) *tls.Config
- func NewTLSConfigWithCertsAndCAs(clientAuth tls.ClientAuthType, certificates []tls.Certificate, ...) *tls.Config
- type TLS
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewDynamicTLSClientConfig ¶ added in v1.5.7
func NewEmptyTLSConfig ¶ added in v1.1.0
func NewTLSConfigForServer ¶ added in v1.1.0
func NewTLSConfigWithCertsAndCAs ¶ added in v1.1.0
func NewTLSConfigWithCertsAndCAs( clientAuth tls.ClientAuthType, certificates []tls.Certificate, clientCAs *x509.CertPool, logger log.Logger, ) *tls.Config
Types ¶
type TLS ¶
type TLS struct { Enabled bool `yaml:"enabled"` // CertPath and KeyPath are optional depending on server // config, but both fields must be omitted to avoid using a // client certificate CertFile string `yaml:"certFile"` KeyFile string `yaml:"keyFile"` CaFile string `yaml:"caFile"` //optional depending on server config // If you want to verify the hostname and server cert (like a wildcard for cass cluster) then you should turn this on // This option is basically the inverse of InSecureSkipVerify // See InSecureSkipVerify in http://golang.org/pkg/crypto/tls/ for more info EnableHostVerification bool `yaml:"enableHostVerification"` ServerName string `yaml:"serverName"` // Base64 equivalents of the above artifacts. // You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData) CertData string `yaml:"certData"` KeyData string `yaml:"keyData"` CaData string `yaml:"caData"` // optional depending on server config }
TLS describe TLS configuration (for Cassandra, SQL)
Click to show internal directories.
Click to hide internal directories.