Documentation
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
Types
type TLSConfig
type TLSConfig struct {
	// CAPath is the path of file that contains list of trusted SSL CAs. if set, following four settings shouldn't be empty
	CAPath string `toml:"cacert-path" json:"cacert-path"`
	// CertPath is the path of file that contains X509 certificate in PEM format.
	CertPath string `toml:"cert-path" json:"cert-path"`
	// KeyPath is the path of file that contains X509 key in PEM format.
	KeyPath string `toml:"key-path" json:"key-path"`
	// CertAllowedCN is a CN which must be provided by a client
	CertAllowedCN []string `toml:"cert-allowed-cn" json:"cert-allowed-cn"`

	SSLCABytes   []byte
	SSLCertBytes []byte
	SSLKEYBytes  []byte
}
TLSConfig is the configuration for supporting tls.
func (TLSConfig) GetOneAllowedCN
GetOneAllowedCN returns only the first CN.
type TLSInfo
type TLSInfo struct {
	CertFile            string
	KeyFile             string
	CAFile              string // TODO: deprecate this in v4
	TrustedCAFile       string
	ClientCertAuth      bool
	CRLFile             string
	InsecureSkipVerify  bool
	SkipClientSANVerify bool

	// ServerName ensures the cert matches the given host in case of discovery / virtual hosting
	ServerName string

	// HandshakeFailure is optionally called when a connection fails to handshake. The
	// connection will be closed immediately afterwards.
	HandshakeFailure func(*tls.Conn, error)

	// CipherSuites is a list of supported cipher suites.
	// If empty, Go auto-populates it by default.
	// Note that cipher suites are prioritized in the given order.
	CipherSuites []uint16

	// AllowedCN is a CN which must be provided by a client.
	AllowedCN string
	// contains filtered or unexported fields
}
TLSInfo stores tls configuration to connect to etcd.
func (TLSInfo) ClientConfig
ClientConfig generates a tls.Config object for use by an HTTP client.
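One way a server can enforce the client-CN requirement that `CertAllowedCN` and `AllowedCN` describe, written against the standard `crypto/tls` package. This is an added example, not this package's implementation; the function names are hypothetical, and treating an empty allow-list as "no restriction" is an assumption.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
)

// verifyAllowedCN passes only if the leaf of a verified chain has a CN on the
// allow-list. An empty list disables the check (assumption for this example).
func verifyAllowedCN(allowed []string, chains [][]*x509.Certificate) error {
	if len(allowed) == 0 {
		return nil
	}
	for _, chain := range chains {
		for _, cn := range allowed {
			if len(chain) > 0 && chain[0].Subject.CommonName == cn {
				return nil
			}
		}
	}
	return errors.New("client certificate CN is not in the allow-list")
}

// serverConfigWithAllowedCN (hypothetical helper) requires a CA-verified client
// certificate, then applies the CN allow-list to the verified chains.
func serverConfigWithAllowedCN(clientCAs *x509.CertPool, allowed []string) *tls.Config {
	return &tls.Config{
		MinVersion: tls.VersionTLS12,
		ClientCAs:  clientCAs,
		ClientAuth: tls.RequireAndVerifyClientCert, // chain must verify before the CN counts
		VerifyPeerCertificate: func(_ [][]byte, chains [][]*x509.Certificate) error {
			return verifyAllowedCN(allowed, chains)
		},
	}
}

// chainWithCN builds a constructed, unsigned one-certificate chain for the demo.
func chainWithCN(cn string) [][]*x509.Certificate {
	return [][]*x509.Certificate{{&x509.Certificate{Subject: pkix.Name{CommonName: cn}}}}
}

func main() {
	allowed := []string{"client-a", "client-b"} // constructed sample values
	fmt.Println(verifyAllowedCN(allowed, chainWithCN("client-a")))
	fmt.Println(verifyAllowedCN(allowed, chainWithCN("intruder")))
}
```

`VerifyPeerCertificate` is not invoked on resumed connections; a deployment that allows session resumption can apply the same check in `VerifyConnection`.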