forked from TrueCloudLab/frostfs-node
[#1170] adm: Support morph mTLS
Signed-off-by: Evgenii Stratonikov <e.stratonikov@yadro.com>
This commit is contained in:
parent
42ecc2f2b9
commit
a0e49fa5a5
1 changed files with 15 additions and 0 deletions
|
|
@ -2,6 +2,7 @@ package helper
|
|||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"errors"
|
||||
"fmt"
|
||||
"time"
|
||||
|
|
@ -60,9 +61,23 @@ func GetN3Client(v *viper.Viper) (Client, error) {
|
|||
if endpoint == "" {
|
||||
return nil, errors.New("missing endpoint")
|
||||
}
|
||||
|
||||
var cfg *tls.Config
|
||||
if rootCAs := v.GetStringSlice("tls.trusted_ca_list"); len(rootCAs) != 0 {
|
||||
certFile := v.GetString("tls.certificate")
|
||||
keyFile := v.GetString("tls.key")
|
||||
|
||||
tlsConfig, err := rpcclient.TLSClientConfig(rootCAs, certFile, keyFile)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
cfg = tlsConfig
|
||||
}
|
||||
c, err := rpcclient.New(ctx, endpoint, rpcclient.Options{
|
||||
MaxConnsPerHost: maxConnsPerHost,
|
||||
RequestTimeout: requestTimeout,
|
||||
TLSClientConfig: cfg,
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
|
|||
Loading…
Reference in a new issue