MCPcopy
hub / github.com/zalando/skipper / TlsConfig

Method TlsConfig

skipper.go:1431–1474  ·  view source on GitHub ↗
(cr *certregistry.CertRegistry)

Source from the content-addressed store, hash-verified

1429}
1430
1431func (o *Options) TlsConfig(cr *certregistry.CertRegistry) (*tls.Config, error) {
1432
1433 if o.ProxyTLS != nil {
1434 return o.ProxyTLS, nil
1435 }
1436
1437 if o.CertPathTLS == "" && o.KeyPathTLS == "" && cr == nil {
1438 return nil, nil
1439 }
1440
1441 config := &tls.Config{
1442 MinVersion: o.TLSMinVersion,
1443 ClientAuth: o.TLSClientAuth,
1444 }
1445
1446 if o.CipherSuites != nil {
1447 config.CipherSuites = o.CipherSuites
1448 }
1449
1450 if cr != nil {
1451 config.GetCertificate = cr.GetCertFromHello
1452 }
1453
1454 if o.CertPathTLS == "" && o.KeyPathTLS == "" {
1455 return config, nil
1456 }
1457
1458 crts := strings.Split(o.CertPathTLS, ",")
1459 keys := strings.Split(o.KeyPathTLS, ",")
1460
1461 if len(crts) != len(keys) {
1462 return nil, fmt.Errorf("number of certificates does not match number of keys")
1463 }
1464
1465 for i := range crts {
1466 crt, key := crts[i], keys[i]
1467 keypair, err := tls.LoadX509KeyPair(crt, key)
1468 if err != nil {
1469 return nil, fmt.Errorf("failed to load X509 keypair from %s and %s: %w", crt, key, err)
1470 }
1471 config.Certificates = append(config.Certificates, keypair)
1472 }
1473 return config, nil
1474}
1475
1476func (o *Options) openTracingTracerInstance() (ot.Tracer, error) {
1477 if o.OpenTracingTracer != nil {

Callers 4

TestOptionsTLSConfigFunction · 0.95
listenAndServeQuitFunction · 0.80
NewFunction · 0.80

Calls 2

SplitMethod · 0.65
ErrorfMethod · 0.65

Tested by 2

TestOptionsTLSConfigFunction · 0.76