automtls: fix bidirectional communication and cert format
fairclothjm committed Apr 22, 2022
1 parent 73def4e commit 0d4e9d8
Showing 2 changed files with 6 additions and 0 deletions.
4 changes: 4 additions & 0 deletions mtls.go
@@ -29,6 +29,10 @@ func generateCert() (cert []byte, privateKey []byte, err error) {
host := "localhost"

template := &x509.Certificate{
Issuer: pkix.Name{
CommonName: host,
Organization: []string{"HashiCorp"},
},
Subject: pkix.Name{
CommonName: host,
Organization: []string{"HashiCorp"},
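Review bot: The `Issuer` block added to the template just before `Subject` is very likely a no-op, because x509.CreateCertificate does not read the template's Issuer and takes the issuer name from the parent certificate's Subject. If the template is passed as its own parent later in generateCert (not visible in this hunk), the issuer already equals the `Subject` shown here. Either drop the block or document it with a comment such as `// Issuer is informational only; CreateCertificate sets the issuer from parent.Subject`, so nobody later assumes that editing it changes who the certificate chains to. generateCert's body continues outside the hunk.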
2 changes: 2 additions & 0 deletions server.go
@@ -319,6 +319,8 @@ func Serve(opts *ServeConfig) {
ClientAuth: tls.RequireAndVerifyClientCert,
ClientCAs: clientCertPool,
MinVersion: tls.VersionTLS12,
RootCAs: clientCertPool,
ServerName: "localhost",
}

// We send back the raw leaf cert data for the client rather than the
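Review bot: `RootCAs` and `ServerName` are consulted only when a tls.Config is used on the dialing side, so on the listener configured in Serve they have no effect unless this same config is reused for an outbound connection, which the hunk does not show. If that reuse is the intent, a comment above the two fields would make the trust decision explicit, e.g. `// RootCAs and ServerName apply only when this config dials out; ClientCAs governs inbound peers`. The literal `"localhost"` must also stay equal to `host` in generateCert in mtls.go or hostname verification will fail, so a shared constant would keep the two in step. Serve's body continues outside the hunk.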
