Merge pull request #8 from steigr/feature/tls-key-file

Allow to specify tlsKEY as seperate file.
This commit is contained in:
Björn Busse 2018-03-14 03:34:46 +01:00 committed by GitHub
commit 580b5a31dd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -52,6 +52,7 @@ var (
passwords = flag.String("passwords", "", "Optional path to passwords file") passwords = flag.String("passwords", "", "Optional path to passwords file")
tlsBind = flag.String("tlsbind", "", "TLS address to bind to") tlsBind = flag.String("tlsbind", "", "TLS address to bind to")
tlsPEM = flag.String("tlspem", "", "Path to TLS certificat+key PEM file") tlsPEM = flag.String("tlspem", "", "Path to TLS certificat+key PEM file")
tlsKEY = flag.String("tlskey", "", "Path to TLS key PEM as seperate file")
tlsonly = flag.Bool("tlsonly", false, "Disable listening on non tls-port") tlsonly = flag.Bool("tlsonly", false, "Disable listening on non tls-port")
proxyTimeout = flag.Uint("proxytimeout", PROXY_TIMEOUT, "Timeout when using proxy protocol") proxyTimeout = flag.Uint("proxytimeout", PROXY_TIMEOUT, "Timeout when using proxy protocol")
metrics = flag.Bool("metrics", false, "Enable metrics export") metrics = flag.Bool("metrics", false, "Enable metrics export")
@ -168,9 +169,14 @@ func Run() {
} }
if *tlsBind != "" { if *tlsBind != "" {
cert, err := tls.LoadX509KeyPair(*tlsPEM, *tlsPEM) if *tlsKEY == "" {
tlsKEY = tlsPEM
}
cert, err := tls.LoadX509KeyPair(*tlsPEM, *tlsKEY)
if err != nil { if err != nil {
log.Fatalf("Could not load TLS keys from %s: %s", *tlsPEM, err) log.Fatalf("Could not load Certificate and TLS keys from %s: %s", *tlsPEM, *tlsKEY, err)
} }
config := tls.Config{Certificates: []tls.Certificate{cert}} config := tls.Config{Certificates: []tls.Certificate{cert}}