diff options
Diffstat (limited to 'service/http/config.go')
| -rw-r--r-- | service/http/config.go | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/service/http/config.go b/service/http/config.go index 81fcd16c..b87b938f 100644 --- a/service/http/config.go +++ b/service/http/config.go @@ -77,6 +77,9 @@ type SSLConfig struct { // Cert is https certificate. Cert string + + // Root CA file + RootCA string } // EnableHTTP is true when http server must run. @@ -86,7 +89,7 @@ func (c *Config) EnableHTTP() bool { // EnableTLS returns true if rr must listen TLS connections. func (c *Config) EnableTLS() bool { - return c.SSL.Key != "" || c.SSL.Cert != "" + return c.SSL.Key != "" || c.SSL.Cert != "" || c.SSL.RootCA != "" } // EnableHTTP2 when HTTP/2 extension must be enabled (only with TSL). @@ -244,6 +247,16 @@ func (c *Config) Valid() error { return err } + + // RootCA is optional, but if provided - check it + if c.SSL.RootCA != "" { + if _, err := os.Stat(c.SSL.RootCA); err != nil { + if os.IsNotExist(err) { + return fmt.Errorf("root ca path provided, but key file '%s' does not exists", c.SSL.Key) + } + return err + } + } } return nil |