Skip to content
/ tlsutil Public

TLS util functions to help with setting up client & server TLS-based connections.

License

Apache-2.0 license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

acacio/tlsutil

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
client.go
client.go
 
 
doc.go
doc.go
 
 
gencert.go
gencert.go
 
 
go.mod
go.mod
 
 
server.go
server.go
 
 
tlsutil.go
tlsutil.go
 
 

Repository files navigation

tlsutil

TLS util functions to help with setting up client & server TLS-based connections.

Setup

go get -u github.com/acacio/tlsutil

Use for connection setup

import (
	"github.com/acacio/tlsutil"
)


type Config struct {
	TLSType       string
	VerifyClients bool
	CA            string
	Cert          string
	Key           string
}

func setupServer(cfg *Config) (*tls.Config, error) {
	var tlstype string
	if cfg.VerifyClients {
		tlstype = "verify"
	} else {
		tlstype = "simple"
	}
	// Implicitly requires CA for "verify"
	return tlsutil.SetupServerTLS(tlstype, cfg.CA, cfg.Cert, cfg.Key)
}

TLS combinations

With this library it is possible to setup several different TLS pairings:

Client \ Server No srv TLS Certs
"simple"		 Certs +
Client Verification
"verify"
No TLS - N/A N/A
Simple TLS
"simple"		 N/A supported N/A
Client Certs
"certs"		 N/A supported Server enforces Client ID
(server needs CA.crt)
Client Certs +
Server Verification
"verify"		 N/A Client enforces server ID
(client needs CA.crt)		 Enforce Client & Server ID
(both require CA.crt)

About

TLS util functions to help with setting up client & server TLS-based connections.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

3 tags

Packages

No packages published

Languages