readClientCert - helper function to read client certificate from pem formatted file
(filename string)
| 140 | // readClientCert - helper function to read client certificate |
| 141 | // from pem formatted file |
| 142 | func readClientCert(filename string) []tls.Certificate { |
| 143 | if filename == "" { |
| 144 | return nil |
| 145 | } |
| 146 | var ( |
| 147 | pkeyPem []byte |
| 148 | certPem []byte |
| 149 | ) |
| 150 | |
| 151 | // read client certificate file (must include client private key and certificate) |
| 152 | certFileBytes, err := os.ReadFile(filename) |
| 153 | if err != nil { |
| 154 | log.Fatalf("failed to read client certificate file: %v", err) |
| 155 | } |
| 156 | |
| 157 | for { |
| 158 | block, rest := pem.Decode(certFileBytes) |
| 159 | if block == nil { |
| 160 | break |
| 161 | } |
| 162 | certFileBytes = rest |
| 163 | |
| 164 | if strings.HasSuffix(block.Type, "PRIVATE KEY") { |
| 165 | pkeyPem = pem.EncodeToMemory(block) |
| 166 | } |
| 167 | if strings.HasSuffix(block.Type, "CERTIFICATE") { |
| 168 | certPem = pem.EncodeToMemory(block) |
| 169 | } |
| 170 | } |
| 171 | |
| 172 | cert, err := tls.X509KeyPair(certPem, pkeyPem) |
| 173 | if err != nil { |
| 174 | log.Fatalf("unable to load client cert and key pair: %v", err) |
| 175 | } |
| 176 | return []tls.Certificate{cert} |
| 177 | } |
| 178 | |
| 179 | func parseURL(uri string) *url.URL { |
| 180 | if !strings.Contains(uri, "://") && !strings.HasPrefix(uri, "//") { |