proposal: crypto/tls: add function to dynamically load more than one certificate for a multi-domain server #36135

Open
mvasi90 opened this issue Dec 13, 2019 · 0 comments

@mvasi90 mvasi90 commented Dec 13, 2019

Hello,

Please add a function to dynamically load more than one certificate for a multi-domain server.

```go
tlsConfig := &tls.Config{
	PreferServerCipherSuites: true,
	MinVersion:               tls.VersionTLS13,
	ClientCAs:                caCertPool,
	GetClientCertificates:    certR.GetCertificatesFunc(), // more than one
	//ClientAuth: tls.RequireAndVerifyClientCert,
}

func (cr *certReloader) GetCertificatesFunc() func(*tls.ClientHelloInfo) ([]*tls.Certificate, error) {
	return func(chi *tls.ClientHelloInfo) ([]*tls.Certificate, error) {
		cr.m.RLock()
		defer cr.m.RUnlock()
		return cr.certs, nil
	}
}
```

@gopherbot gopherbot added this to the Proposal milestone Dec 13, 2019
@gopherbot gopherbot added the Proposal label Dec 13, 2019
@odeke-em odeke-em changed the title Proposal: Add tls.Config.GetClientCertificate ... ([]*Certificate, error) proposal: crypto/tls: add function to dynamically load more than one certificate for a multi-domain server Dec 14, 2019
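
One way to serve several reloadable certificates from a multi-domain server with the existing `tls.Config.GetCertificate` hook, choosing one per handshake via `ClientHelloInfo.SupportsCertificate` (Go 1.14+). This is an added example, not code from the issue or from crypto/tls. `certStore`, `Replace` and `selfSigned` are hypothetical names, the set is swapped atomically rather than under the issue's RWMutex, and the certificates are constructed sample data.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"sync/atomic"
	"time"
)

// certStore is a hypothetical reloadable certificate set (added example, not crypto/tls API).
type certStore struct{ certs atomic.Value } // holds []*tls.Certificate

// Replace atomically swaps in a freshly loaded set, e.g. after a renewal.
func (s *certStore) Replace(certs ...*tls.Certificate) { s.certs.Store(certs) }

// GetCertificate has the tls.Config.GetCertificate signature; it runs once per handshake.
func (s *certStore) GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error) {
	set, _ := s.certs.Load().([]*tls.Certificate) // nil until the first Replace
	for _, c := range set {
		if chi.SupportsCertificate(c) == nil { // SNI name, TLS version, signature schemes
			return c, nil
		}
	}
	return nil, fmt.Errorf("no certificate for %q", chi.ServerName) // fail closed
}

// selfSigned returns a throwaway P-256 certificate for names (constructed sample data).
func selfSigned(names ...string) *tls.Certificate {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: names, NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return &tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}

func main() {
	s := &certStore{}
	s.Replace(selfSigned("a.example"), selfSigned("b.example"))
	_ = &tls.Config{MinVersion: tls.VersionTLS13, GetCertificate: s.GetCertificate} // pass to tls.Listen
}
```

Returning an error when nothing matches aborts the handshake instead of presenting a certificate for the wrong name.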