package proxyd
import (
"crypto/tls"
"crypto/x509"
"errors"
"os"
)
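// CreateTLSClient builds a client-side *tls.Config that trusts only the
// certificates found in the PEM file at path ca.
//
// The returned config sets RootCAs and nothing else: with a non-nil RootCAs
// the system trust store is not consulted, and every other field
// (ServerName, MinVersion, client certificates, ...) keeps its crypto/tls
// zero-value behaviour.
//
// It returns an error when the file cannot be read or when no certificate
// could be parsed from it.
func CreateTLSClient(ca string) (*tls.Config, error) {
	caPEM, err := os.ReadFile(ca)
	if err != nil {
		return nil, wrapErr(err, "error reading CA")
	}

	roots := x509.NewCertPool()
	// AppendCertsFromPEM reports true as soon as at least one certificate was
	// added; PEM blocks it cannot parse are skipped silently, so a partly
	// malformed bundle still produces a (smaller) trust pool.
	if !roots.AppendCertsFromPEM(caPEM) {
		// What failed to parse is the CA bundle, not a client certificate;
		// the message says so to point operators at the right file.
		return nil, errors.New("error parsing CA: no valid PEM certificates found")
	}

	// NOTE(review): MinVersion is not set, so the lowest protocol version
	// offered is whatever crypto/tls defaults to for the Go toolchain and
	// GODEBUG settings in use. Consider pinning it explicitly if the
	// backends are known to support TLS 1.2 or newer.
	return &tls.Config{
		RootCAs: roots,
	}, nil
}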
// ParseKeyPair loads a certificate and its private key from the PEM files at
// paths crt and key, via tls.LoadX509KeyPair.
//
// On failure it returns a zero tls.Certificate and the underlying error
// passed through wrapErr. No check is made here on the ownership or
// permissions of the key file; that is left to the deployment.
func ParseKeyPair(crt, key string) (tls.Certificate, error) {
	pair, loadErr := tls.LoadX509KeyPair(crt, key)
	if loadErr == nil {
		return pair, nil
	}
	return tls.Certificate{}, wrapErr(loadErr, "error loading x509 key pair")
}