diff options
| author | Valery Piashchynski <[email protected]> | 2020-05-16 17:52:22 +0300 |
|---|---|---|
| committer | Valery Piashchynski <[email protected]> | 2020-05-16 17:52:22 +0300 |
| commit | b68da150bed6933ceabd73cf3cbc135187f4a2c0 (patch) | |
| tree | 3e1ab9efd23de8d0a95df017b9c899ec1205c4ef /service/http/config.go | |
| parent | 8fd8356ef1cb9b7602e511cf0d59964cdbbe5dbe (diff) | |
update RootCA
Diffstat (limited to 'service/http/config.go')
| -rw-r--r-- | service/http/config.go | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/service/http/config.go b/service/http/config.go index 81fcd16c..b87b938f 100644 --- a/service/http/config.go +++ b/service/http/config.go @@ -77,6 +77,9 @@ type SSLConfig struct { // Cert is https certificate. Cert string + + // Root CA file + RootCA string } // EnableHTTP is true when http server must run. @@ -86,7 +89,7 @@ func (c *Config) EnableHTTP() bool { // EnableTLS returns true if rr must listen TLS connections. func (c *Config) EnableTLS() bool { - return c.SSL.Key != "" || c.SSL.Cert != "" + return c.SSL.Key != "" || c.SSL.Cert != "" || c.SSL.RootCA != "" } // EnableHTTP2 when HTTP/2 extension must be enabled (only with TSL). @@ -244,6 +247,16 @@ func (c *Config) Valid() error { return err } + + // RootCA is optional, but if provided - check it + if c.SSL.RootCA != "" { + if _, err := os.Stat(c.SSL.RootCA); err != nil { + if os.IsNotExist(err) { + return fmt.Errorf("root ca path provided, but key file '%s' does not exists", c.SSL.Key) + } + return err + } + } } return nil |