mtls

package
v0.0.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 1, 2018 License: Apache-2.0 Imports: 8 Imported by: 1

README

MTLS Plugin

The mtls (mutual TLS) plugin uses mutual tls and self-signed certificates to authenticate requests to the yFuzz API.

Requests are authorized based on if the public key associated with the user's certificate is in a whitelist.

Adding a New User

First, generate a user x509 certificate:

$ openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes
$ openssl rsa -in key.pem -pubout

Then whitelist that certificate by adding the public key to the yFuzz configuration file.

Configuration

Plugins in yFuzz are configured in the config.yaml file. The following options are available for the mtls plugin:

plugins:
  - mtls:
      authorized-keys:
        - |
          -----BEGIN PUBLIC KEY-----
          Public key goes here.
          -----END PUBLIC KEY-----
        - |
          -----BEGIN PUBLIC KEY-----
          A second public key.
          -----END PUBLIC KEY-----
  • authorized-keys: List of public keys corresponding to users authorized to access yFuzz.

See Also

Documentation

Overview

Package mtls is an authentication/authorization middleware for connecting yFuzz with mutual TLS.

Index

Constants

This section is empty.

Variables

View Source 
var Plugin mtls

Plugin is the exported yFuzz plugin.

Functions

func Middleware 

func Middleware(h http.Handler) http.Handler

Middleware initializes a connection to Athenz for use in verifying users have permission to access yFuzz.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.