| 250 | } |
| 251 | |
| 252 | func (server *Server) setupHTTPServer(handler http.Handler) (*http.Server, error) { |
| 253 | srv := &http.Server{ |
| 254 | Handler: handler, |
| 255 | } |
| 256 | |
| 257 | if server.options.EnableTLSClientAuth { |
| 258 | tlsConfig, err := server.tlsConfig() |
| 259 | if err != nil { |
| 260 | return nil, errors.Wrapf(err, "failed to setup TLS configuration") |
| 261 | } |
| 262 | srv.TLSConfig = tlsConfig |
| 263 | } |
| 264 | |
| 265 | return srv, nil |
| 266 | } |
| 267 | |
| 268 | func (server *Server) tlsConfig() (*tls.Config, error) { |
| 269 | caFile := homedir.Expand(server.options.TLSCACrtFile) |