package config
// TLSServerConfig describes the TLS settings of a server-side endpoint.
// The field tags bind each setting to its JSON and YAML configuration key.
type TLSServerConfig struct {
	// MinVersion is the lowest protocol version to accept: "TLS1.2" or
	// "TLS1.3". Optional.
	// NOTE(review): what an empty or unrecognized string resolves to is decided
	// by the code that consumes this struct, which is not visible here. Confirm
	// that it cannot end up allowing a version below TLS 1.2.
	MinVersion string `json:"min_version" yaml:"min_version"`

	// MaxVersion is the highest protocol version to accept: "TLS1.2" or
	// "TLS1.3". Optional.
	// NOTE(review): nothing in this type checks MinVersion <= MaxVersion;
	// verify that the consumer rejects an inverted range.
	MaxVersion string `json:"max_version" yaml:"max_version"`

	// CertFile is the path of the server certificate file.
	// NOTE(review): the expected encoding is not stated here (presumably PEM);
	// confirm against the loader.
	CertFile string `json:"cert_file" yaml:"cert_file"`

	// KeyFile is the path of the private key file that belongs to CertFile.
	// Only the path is stored in the configuration, not the key material; the
	// file itself should be readable by the service account only.
	KeyFile string `json:"key_file" yaml:"key_file"`

	// ClientCertCAFile is optional. If present, a client certificate is
	// required (mTLS).
	// NOTE(review): presumably this is the CA bundle that client certificates
	// are verified against, and leaving it empty disables client
	// authentication entirely; confirm with the code that builds the listener.
	ClientCertCAFile string `json:"client_cert_ca_file" yaml:"client_cert_ca_file"`
}
// TLSClientConfig describes the TLS settings used for outbound (client)
// connections. The field tags bind each setting to its JSON and YAML key.
type TLSClientConfig struct {
	// ClientCerts is optional: PKCS#12 encoded client credentials to present
	// for mTLS. Each entry names an archive and the password that opens it.
	ClientCerts []MTLSCertLoadConfig `json:"client_certs" yaml:"client_certs"`

	// RootCAFiles is optional. If present, these certificates are used as the
	// root CAs instead of the root CA list provided by the environment, i.e.
	// they replace that list rather than extend it.
	// NOTE(review): server certificate verification then depends entirely on
	// these files, so they should be writable by trusted administrators only.
	RootCAFiles []string `json:"root_ca_files" yaml:"root_ca_files"`
}
// MTLSCertLoadConfig locates one PKCS#12 credential archive and carries the
// password needed to open it.
type MTLSCertLoadConfig struct {
	// Path is the location of the PKCS#12 encoded credential file.
	Path string `json:"path" yaml:"path"`

	// Password is the password of the PKCS#12 archive.
	// It sits in the configuration as plain text and carries ordinary json and
	// yaml tags, so any code that marshals this struct (a config dump, a debug
	// log) writes the password out as well.
	// NOTE(review): consider redacting this field wherever the configuration is
	// serialized or logged, and keep the configuration file itself readable by
	// the service account only.
	Password string `json:"password" yaml:"password"`
}