tlsutil

TLS util functions to help with setting up client & server TLS-based connections.

Setup

go get -u github.com/acacio/tlsutil

Use for connection setup

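import (
	"crypto/tls"

	"github.com/acacio/tlsutil"
)

// Config carries the TLS settings handed to tlsutil.
type Config struct {
	TLSType       string
	VerifyClients bool
	CA            string
	Cert          string
	Key           string
}

// setupServer picks the server TLS mode from cfg and builds the *tls.Config.
func setupServer(cfg *Config) (*tls.Config, error) {
	// "verify" makes the server check client certificates; "simple" does not.
	var tlstype string
	if cfg.VerifyClients {
		tlstype = "verify"
	} else {
		tlstype = "simple"
	}
	// Implicitly requires CA for "verify"
	return tlsutil.SetupServerTLS(tlstype, cfg.CA, cfg.Cert, cfg.Key)
}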

TLS combinations

With this library it is possible to set up several different TLS pairings:

| Client \ Server | No srv TLS | Certs "simple" | Certs + Client Verification "verify" |
|---|---|---|---|
| No TLS | - | N/A | N/A |
| Simple TLS "simple" | N/A | supported | N/A |
| Client Certs "certs" | N/A | supported | Server enforces Client ID (server needs CA.crt) |
| Client Certs + Server Verification "verify" | N/A | Client enforces server ID (client needs CA.crt) | Enforce Client & Server ID (both require CA.crt) |
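
The "Server enforces Client ID (server needs CA.crt)" cells come down to one check: a client certificate is accepted only if it chains to the configured CA. The following is an added example, not tlsutil's code; it assumes the server's "verify" mode corresponds to crypto/tls's RequireAndVerifyClientCert with CA.crt loaded as ClientCAs, and reproduces the chain check offline. The helpers issue, admits and Demo are hypothetical, and every certificate is throwaway data generated at run time.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue mints a throwaway certificate (constructed test data); ca == nil yields a self-signed CA.
func issue(cn string, ca *tls.Certificate) tls.Certificate {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), IsCA: ca == nil, BasicConstraintsValid: true}
	parent, signer := t, interface{}(key)
	if ca != nil {
		parent, signer = ca.Leaf, ca.PrivateKey
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}
}

// admits runs the chain check a server applies to a client cert: roots are ClientCAs, usage is client auth.
func admits(srv *tls.Config, client *x509.Certificate) error {
	opts := x509.VerifyOptions{Roots: srv.ClientCAs, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	_, err := client.Verify(opts)
	return err
}

// Demo: a server configured like the "verify" column (assumed mapping) trusts only caA as its CA.crt.
func Demo() (trusted, foreign error) {
	caA, caB := issue("ca-a", nil), issue("ca-b", nil)
	pool := x509.NewCertPool()
	pool.AddCert(caA.Leaf)
	srv := &tls.Config{Certificates: []tls.Certificate{issue("server", &caA)}, ClientCAs: pool, ClientAuth: tls.RequireAndVerifyClientCert}
	return admits(srv, issue("client-1", &caA).Leaf), admits(srv, issue("client-2", &caB).Leaf)
}

func main() {
	trusted, foreign := Demo()
	fmt.Printf("issued by CA.crt: %v\nissued by another CA: %v\n", trusted, foreign)
}
```

The second result is an unknown-authority error: a certificate that is valid in every other respect is still refused when its issuer is not in the server's CA pool.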
