Skip to content
This repository has been archived by the owner on Jan 27, 2021. It is now read-only.

Make TLS-Certificate configurable #14

Merged
merged 1 commit into from
Mar 25, 2020
Merged

Make TLS-Certificate configurable #14

merged 1 commit into from
Mar 25, 2020

Conversation

IljaN
Copy link
Contributor

@IljaN IljaN commented Mar 13, 2020
edited
Loading

Currently the proxy generates certificates on every start for dev purposes. This commit adds an option to make this behavior configurable.

This also removes the dependency on konnectd`s crypto code and copies it instead, as the library is a hacky prototype version which is not meant for usage by other services.

A proper cert-generation lib should be added to ocis-pkg instead. Then this code can be refactored to use it

@update-docs
Copy link

update-docs bot commented Mar 13, 2020

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@IljaN IljaN self-assigned this Mar 13, 2020
@IljaN IljaN requested a review from refs March 13, 2020 18:54
@IljaN
Copy link
Contributor Author

IljaN commented Mar 13, 2020
edited
Loading

cc @micbar @xoxys

@IljaN IljaN force-pushed the configurable_tls_cert branch 2 times, most recently from 6b58e42 to c8a9f21 Compare March 19, 2020 15:25
@IljaN IljaN requested a review from butonic March 19, 2020 15:26
refs
refs approved these changes Mar 24, 2020
View reviewed changes
Copy link
Member

@refs refs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just what I need 🙆‍♂

pkg/crypto/gencert.go
func publicKey(priv interface{}) interface{} {
switch k := priv.(type) {
case *rsa.PrivateKey:
return &k.PublicKey
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fallthrough?

@IljaN
Make TLS-Certificate configurable
6583f7c 
Currently the proxy generates certificates on every start for dev purposes. This commit adds an option to make this behaviour configurable.
This also removes the dependency on konnectd`s crypto code and copies it instead, as this library is a first version which is not meant for usage by other services.

A proper cert-generation lib should be added to ocis-pkg instead. Then this code can be refactored to use it.
@IljaN IljaN force-pushed the configurable_tls_cert branch from c8a9f21 to 6583f7c Compare March 25, 2020 08:37
@IljaN IljaN merged commit 6e33472 into master Mar 25, 2020
@delete-merged-branch delete-merged-branch bot deleted the configurable_tls_cert branch March 25, 2020 08:44
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@refs refs refs approved these changes

@butonic butonic Awaiting requested review from butonic

Assignees

@IljaN IljaN

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@IljaN @refs