MCPcopy
hub / github.com/dgraph-io/dgraph / LoadServerTLSConfigForInternalPort

Function LoadServerTLSConfigForInternalPort

x/tls_helper.go:112–130  ·  view source on GitHub ↗

LoadServerTLSConfigForInternalPort loads the TLS config for the internal ports of the cluster

(v *viper.Viper)

Source from the content-addressed store, hash-verified

110
111// LoadServerTLSConfigForInternalPort loads the TLS config for the internal ports of the cluster
112func LoadServerTLSConfigForInternalPort(v *viper.Viper) (*tls.Config, error) {
113 tlsFlag := z.NewSuperFlag(v.GetString("tls")).MergeAndCheckDefault(TLSDefaults)
114
115 if !tlsFlag.GetBool("internal-port") {
116 return nil, nil
117 }
118 if tlsFlag.GetPath("server-cert") == "" || tlsFlag.GetPath("server-key") == "" {
119 return nil, errors.Errorf(`Inter-node TLS is enabled but server node certs are not provided. ` +
120 `Please provide --tls "server-cert=...; server-key=...;"`)
121 }
122 conf := TLSHelperConfig{}
123 conf.UseSystemCACerts = tlsFlag.GetBool("use-system-ca")
124 conf.RootCACert = tlsFlag.GetPath("ca-cert")
125 conf.CertRequired = true
126 conf.Cert = tlsFlag.GetPath("server-cert")
127 conf.Key = tlsFlag.GetPath("server-key")
128 conf.ClientAuth = "REQUIREANDVERIFY"
129 return GenerateServerTLSConfig(&conf)
130}
131
132// LoadServerTLSConfig loads the TLS config into the server with the given parameters.
133func LoadServerTLSConfig(v *viper.Viper) (*tls.Config, error) {

Callers 2

serveGRPCMethod · 0.92
runFunction · 0.92

Calls 2

GenerateServerTLSConfigFunction · 0.85
ErrorfMethod · 0.45

Tested by

no test coverage detected