(kms, certFile, keyFile, passFile string)
| 654 | } |
| 655 | |
| 656 | func tlsLoadX509KeyPair(kms, certFile, keyFile, passFile string) (tls.Certificate, error) { |
| 657 | x509Chain, err := pemutil.ReadCertificateBundle(certFile) |
| 658 | if err != nil { |
| 659 | return tls.Certificate{}, errs.Wrap(err, "error reading certificate chain") |
| 660 | } |
| 661 | x509ChainBytes := make([][]byte, len(x509Chain)) |
| 662 | for i, c := range x509Chain { |
| 663 | x509ChainBytes[i] = c.Raw |
| 664 | } |
| 665 | |
| 666 | opts := []pemutil.Options{pemutil.WithFilename(keyFile)} |
| 667 | if passFile != "" { |
| 668 | opts = append(opts, pemutil.WithPasswordFile(passFile)) |
| 669 | } |
| 670 | signer, err := cryptoutil.CreateSigner(kms, keyFile, opts...) |
| 671 | if err != nil { |
| 672 | return tls.Certificate{}, errs.Wrap(err, "error loading private key") |
| 673 | } |
| 674 | return tls.Certificate{ |
| 675 | Certificate: x509ChainBytes, |
| 676 | PrivateKey: signer, |
| 677 | Leaf: x509Chain[0], |
| 678 | }, nil |
| 679 | } |
no test coverage detected
searching dependent graphs…