SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Add options to use TLS client certificate for authentication (Checker)

Browse source 
* Add "client-cert" and "client-key" flag options to allow the checker to use TLS client certificate for authentication.
* Fix typo TSL -> TLS in docs.


Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
This commit is contained in:
Fadi Abbud 2022-03-31 17:57:43 +02:00 committed by GitHub
parent b9603b7742
commit a91d36cc95
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

19
cmd/csaf_checker/processor.go
View file

@ -230,15 +230,20 @@ func (p *processor) httpClient() *http.Client {
p.client = &http.Client{
CheckRedirect: p.checkRedirect,
}
var tlsConfig tls.Config
if p.opts.Insecure {
p.client.Transport = &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
}
tlsConfig.InsecureSkipVerify = true
}
if p.opts.ClientCert != nil && p.opts.ClientKey != nil {
cert, err := tls.LoadX509KeyPair(*p.opts.ClientCert, *p.opts.ClientKey)
if err != nil {
log.Fatal(err)
}
tlsConfig.Certificates = []tls.Certificate{cert}
}
p.client.Transport = &http.Transport{
TLSClientConfig: &tlsConfig,
}
return p.client
}