add ServersTransport on services

2020-09-11 15:40:03 +02:00 · 2020-09-11 15:40:03 +02:00 · 76f42a3013
commit 76f42a3013
parent 6075f7e8fd
64 changed files with 2359 additions and 242 deletions
--- a/pkg/tls/certificate.go
+++ b/pkg/tls/certificate.go
@ -56,6 +56,23 @@ type Certificate struct {
 // Certs and Keys could be either a file path, or the file content itself.
 type Certificates []Certificate

+// GetCertificates retrieves the certificates as slice of tls.Certificate.
+func (c Certificates) GetCertificates() []tls.Certificate {
+	var certs []tls.Certificate
+
+	for _, certificate := range c {
+		cert, err := certificate.GetCertificate()
+		if err != nil {
+			log.WithoutContext().Debugf("Error while getting certificate: %v", err)
+			continue
+		}
+
+		certs = append(certs, cert)
+	}
+
+	return certs
+}
+
 // FileOrContent hold a file path or content.
 type FileOrContent string

@ -190,6 +207,26 @@ func (c *Certificate) AppendCertificate(certs map[string]map[string]*tls.Certifi
 	return err
 }

+// GetCertificate retrieves Certificate as tls.Certificate.
+func (c *Certificate) GetCertificate() (tls.Certificate, error) {
+	certContent, err := c.CertFile.Read()
+	if err != nil {
+		return tls.Certificate{}, fmt.Errorf("unable to read CertFile : %w", err)
+	}
+
+	keyContent, err := c.KeyFile.Read()
+	if err != nil {
+		return tls.Certificate{}, fmt.Errorf("unable to read KeyFile : %w", err)
+	}
+
+	cert, err := tls.X509KeyPair(certContent, keyContent)
+	if err != nil {
+		return tls.Certificate{}, fmt.Errorf("unable to generate TLS certificate : %w", err)
+	}
+
+	return cert, nil
+}
+
 // GetTruncatedCertificateName truncates the certificate name.
 func (c *Certificate) GetTruncatedCertificateName() string {
 	certName := c.CertFile.String()