diff --git a/examples/cluster/config/orderer.yaml b/examples/cluster/config/orderer.yaml index 9844cfe9ef2..97be3b883e2 100644 --- a/examples/cluster/config/orderer.yaml +++ b/examples/cluster/config/orderer.yaml @@ -34,7 +34,7 @@ General: Certificate: tls/server.crt RootCAs: - tls/ca.crt - ClientAuthEnabled: false + ClientAuthRequired: false ClientRootCAs: # Log Level: The level at which to log. This accepts logging specifications diff --git a/orderer/common/localconfig/config.go b/orderer/common/localconfig/config.go index 0184c7039c9..adb75fd5334 100644 --- a/orderer/common/localconfig/config.go +++ b/orderer/common/localconfig/config.go @@ -97,12 +97,12 @@ type Keepalive struct { // TLS contains configuration for TLS connections. type TLS struct { - Enabled bool - PrivateKey string - Certificate string - RootCAs []string - ClientAuthEnabled bool - ClientRootCAs []string + Enabled bool + PrivateKey string + Certificate string + RootCAs []string + ClientAuthRequired bool + ClientRootCAs []string } // Authentication contains configuration parameters related to authenticating diff --git a/orderer/common/server/main.go b/orderer/common/server/main.go index a1cc5624ca4..31908499cd0 100644 --- a/orderer/common/server/main.go +++ b/orderer/common/server/main.go @@ -136,7 +136,7 @@ func initializeServerConfig(conf *config.TopLevel) comm.ServerConfig { // secure server config secureOpts := &comm.SecureOptions{ UseTLS: conf.General.TLS.Enabled, - RequireClientCert: conf.General.TLS.ClientAuthEnabled, + RequireClientCert: conf.General.TLS.ClientAuthRequired, } // check to see if TLS is enabled if secureOpts.UseTLS { diff --git a/orderer/common/server/main_test.go b/orderer/common/server/main_test.go index 4e57a787cab..fd28a4060f0 100644 --- a/orderer/common/server/main_test.go +++ b/orderer/common/server/main_test.go @@ -79,12 +79,12 @@ func TestInitializeServerConfig(t *testing.T) { conf := &config.TopLevel{ General: config.General{ TLS: config.TLS{ - Enabled: true, - ClientAuthEnabled: true, - Certificate: "main.go", - PrivateKey: "main.go", - RootCAs: []string{"main.go"}, - ClientRootCAs: []string{"main.go"}, + Enabled: true, + ClientAuthRequired: true, + Certificate: "main.go", + PrivateKey: "main.go", + RootCAs: []string{"main.go"}, + ClientRootCAs: []string{"main.go"}, }, }, } @@ -131,12 +131,12 @@ func TestInitializeServerConfig(t *testing.T) { &config.TopLevel{ General: config.General{ TLS: config.TLS{ - Enabled: true, - ClientAuthEnabled: true, - Certificate: tc.certificate, - PrivateKey: tc.privateKey, - RootCAs: []string{tc.rootCA}, - ClientRootCAs: []string{tc.clientCertificate}, + Enabled: true, + ClientAuthRequired: true, + Certificate: tc.certificate, + PrivateKey: tc.privateKey, + RootCAs: []string{tc.rootCA}, + ClientRootCAs: []string{tc.clientCertificate}, }, }, }) @@ -255,8 +255,8 @@ func TestInitializeGrpcServer(t *testing.T) { ListenAddress: host, ListenPort: uint16(port), TLS: config.TLS{ - Enabled: false, - ClientAuthEnabled: false, + Enabled: false, + ClientAuthRequired: false, }, }, } @@ -280,8 +280,8 @@ func TestUpdateTrustedRoots(t *testing.T) { ListenAddress: "localhost", ListenPort: uint16(port), TLS: config.TLS{ - Enabled: false, - ClientAuthEnabled: false, + Enabled: false, + ClientAuthRequired: false, }, }, } @@ -309,10 +309,10 @@ func TestUpdateTrustedRoots(t *testing.T) { ListenAddress: "localhost", ListenPort: uint16(port), TLS: config.TLS{ - Enabled: true, - ClientAuthEnabled: true, - PrivateKey: filepath.Join(".", "testdata", "tls", "server.key"), - Certificate: filepath.Join(".", "testdata", "tls", "server.crt"), + Enabled: true, + ClientAuthRequired: true, + PrivateKey: filepath.Join(".", "testdata", "tls", "server.key"), + Certificate: filepath.Join(".", "testdata", "tls", "server.crt"), }, }, } diff --git a/sampleconfig/orderer.yaml b/sampleconfig/orderer.yaml index e436681fa60..032d1d5d2bb 100644 --- a/sampleconfig/orderer.yaml +++ b/sampleconfig/orderer.yaml @@ -34,7 +34,7 @@ General: Certificate: tls/server.crt RootCAs: - tls/ca.crt - ClientAuthEnabled: false + ClientAuthRequired: false ClientRootCAs: # Keepalive settings for the GRPC server.