Commit 40a94d3b authored by Marc Bärtschi's avatar Marc Bärtschi

add tls

parent 06fff508
......@@ -35,14 +35,14 @@ func main() {
log.SetFlags(log.LstdFlags | log.Lshortfile)
certificate, err := tls.LoadX509KeyPair("/sec/tls/tls.crt", "/sec/tls/tls.key")
certificate, err := tls.LoadX509KeyPair("/sec/tls.crt", "/sec/tls.key")
if err != nil {
log.Fatalf("could not load server key pair: %s", err)
}
// Create a certificate pool from the certificate authority
certPool := x509.NewCertPool()
ca, err := ioutil.ReadFile("/sec/pki/ca.pem")
ca, err := ioutil.ReadFile("/sec/ca.pem")
if err != nil {
log.Fatalf("could not read ca certificate: %s", err)
}
......
package main
import (
"crypto/tls"
"crypto/x509"
"io/ioutil"
"log"
"os"
"os/signal"
"path/filepath"
"time"
pb "git.dolansoft.org/marc/dns/proto"
......@@ -17,10 +21,34 @@ func main() {
// TODO: add Log
// TODO: make configurable / flags
certificate, err := tls.LoadX509KeyPair(filepath.Join(homedir, "/sec/tls.crt"), filepath.Join(homedir, "/sec/tls.key"))
if err != nil {
log.Fatalf("could not load client key pair: %s", err)
}
// Create a certificate pool from the certificate authority
certPool := x509.NewCertPool()
ca, err := ioutil.ReadFile(filepath.Join(homedir, "/sec/ca.pem"))
if err != nil {
log.Fatalf("could not read ca certificate: %s", err)
}
// Append the certificates from the CA
if ok := certPool.AppendCertsFromPEM(ca); !ok {
log.Fatal("failed to append ca certs")
}
creds := credentials.NewTLS(&tls.Config{
ServerName: "212.51.131.33:8520",
Certificates: []tls.Certificate{certificate},
RootCAs: certPool,
})
// GRPC Backend Service
// Open a Connection
var clientConn *grpc.ClientConn
clientConn, err := grpc.Dial("212.51.131.33:8520", grpc.WithInsecure())
clientConn, err := grpc.Dial("212.51.131.33:8520", grpc.WithTransportCredentials(creds))
)
if err != nil {
log.Fatalf("did not connect: %s", err)
}
......
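Review bot: `ServerName: "212.51.131.33:8520"` in the new `tls.Config` carries the port, but ServerName is matched against the server certificate's subject alternative names as a bare host name or IP address, so verification cannot succeed against a certificate issued for the address itself. Use `ServerName: "212.51.131.33",` (the server certificate then needs a matching IP SAN), or leave the field unset so that gRPC derives it from the dial target. The address is also duplicated in the `grpc.Dial` call; a single constant or flag, as the existing `// TODO: make configurable / flags` comment suggests, would keep the two from drifting apart. Separately, as the page shows it, `clientConn, err := grpc.Dial(...)` now follows declarations of both `clientConn` and `err`, which does not compile with `:=` if the `var clientConn` line is still in the file. That is worth confirming, since the body of main continues outside the hunk.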