-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathtls.go
29 lines (24 loc) · 946 Bytes
/
tls.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
package loggregator
import (
"crypto/tls"
"code.cloudfoundry.org/tlsconfig"
)
// NewIngressTLSConfig provides a convenient means for creating a *tls.Config
// which uses the CA, cert, and key for the ingress endpoint.
func NewIngressTLSConfig(caPath, certPath, keyPath string) (*tls.Config, error) {
return newTLSConfig(caPath, certPath, keyPath, "metron")
}
// NewEgressTLSConfig provides a convenient means for creating a *tls.Config
// which uses the CA, cert, and key for the egress endpoint.
func NewEgressTLSConfig(caPath, certPath, keyPath string) (*tls.Config, error) {
return newTLSConfig(caPath, certPath, keyPath, "reverselogproxy")
}
func newTLSConfig(caPath, certPath, keyPath, cn string) (*tls.Config, error) {
return tlsconfig.Build(
tlsconfig.WithInternalServiceDefaults(),
tlsconfig.WithIdentityFromFile(certPath, keyPath),
).Client(
tlsconfig.WithAuthorityFromFile(caPath),
tlsconfig.WithServerName(cn),
)
}