Backport Teleport Connect gateway changes from #11720 (#12297)

#11720 was backported to v9, but at that time Teleport Connect wasn't backported to v9, so the changes to gateway.go were dropped. This PR reintroduces them, as without that part it's not possible to open db connections when running Teleport Connect from the v9 branch.
gravitational · Apr 29, 2022 · a8f2cb7 · a8f2cb7
1 parent 6b0e7ec
commit a8f2cb7
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/lib/teleterm/gateway/gateway.go b/lib/teleterm/gateway/gateway.go
@@ -18,6 +18,7 @@ package gateway
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"net"
 	"strconv"
@@ -70,13 +71,19 @@ func New(cfg Config) (*Gateway, error) {
 		return nil, trace.Wrap(err)
 	}
 
+	cert, err := tls.LoadX509KeyPair(cfg.CertPath, cfg.KeyPath)
+	if err != nil {
+		return nil, trace.Wrap(err)
+	}
+
 	localProxy, err := alpn.NewLocalProxy(alpn.LocalProxyConfig{
 		InsecureSkipVerify: cfg.Insecure,
 		RemoteProxyAddr:    cfg.WebProxyAddr,
 		Protocol:           protocol,
 		Listener:           listener,
 		ParentContext:      closeContext,
 		SNI:                address.Host(),
+		Certs:              []tls.Certificate{cert},
 	})
 	if err != nil {
 		return nil, trace.Wrap(err)