mtls

package

v0.5.2 Latest Latest Go to latest Published: Jun 13, 2026 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/turahe/pkg

Links

Open Source Insights

Documentation ¶

Overview ¶

Package mtls provides mutual TLS helpers for backend HTTPS and gateway outbound clients.

Configuration is loaded via config.GetConfig().MTLS (or config.Setup). Set MTLS_ENABLED=true to require client certificates on the server and to attach a client cert on outbound HTTP.

Index ¶

func ClientTLSConfig(cfg Config) (*tls.Config, error)
func CloneTLSConfig(cfg *tls.Config) *tls.Config
func ConfigureServer(srv *http.Server) error
func ConfigureServerWithConfig(srv *http.Server, cfg Config) error
func ListenAndServe(handler http.Handler, addr string) error
func ListenAndServeConfig(handler http.Handler, addr string, cfg Config) error
func ListenConfigured(srv *http.Server) error
func ListenConfiguredWithConfig(srv *http.Server, cfg Config) error
func NewTransport(cfg Config) (*http.Transport, error)
func RunGin(engine *gin.Engine, addr string) error
func RunGinConfig(engine *gin.Engine, addr string, cfg Config) error
func ServerTLSConfig(cfg Config) (*tls.Config, error)
type Config
- func LoadConfig() Config

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ClientTLSConfig ¶

func ClientTLSConfig(cfg Config) (*tls.Config, error)

ClientTLSConfig returns TLS settings for the api-gateway outbound proxy.

func CloneTLSConfig ¶

func CloneTLSConfig(cfg *tls.Config) *tls.Config

CloneTLSConfig returns a shallow copy safe for per-connection use.

func ConfigureServer ¶

func ConfigureServer(srv *http.Server) error

ConfigureServer applies mTLS to an existing http.Server when enabled in config.

func ConfigureServerWithConfig ¶

func ConfigureServerWithConfig(srv *http.Server, cfg Config) error

ConfigureServerWithConfig applies mTLS to srv when cfg.Enabled is true.

func ListenAndServe ¶

func ListenAndServe(handler http.Handler, addr string) error

ListenAndServe starts plain HTTP or mTLS HTTPS depending on cfg.Enabled.

func ListenAndServeConfig ¶

func ListenAndServeConfig(handler http.Handler, addr string, cfg Config) error

ListenAndServeConfig starts plain HTTP or mTLS HTTPS using the given configuration.

func ListenConfigured ¶

func ListenConfigured(srv *http.Server) error

ListenConfigured serves using srv.TLSConfig when mTLS is enabled.

func ListenConfiguredWithConfig ¶

func ListenConfiguredWithConfig(srv *http.Server, cfg Config) error

ListenConfiguredWithConfig serves with TLS when cfg.Enabled is true.

func NewTransport ¶

func NewTransport(cfg Config) (*http.Transport, error)

NewTransport builds an http.Transport for gateway upstream connections.

func RunGin ¶

func RunGin(engine *gin.Engine, addr string) error

RunGin is a drop-in for gin.Engine.Run with optional mTLS.

func RunGinConfig ¶

func RunGinConfig(engine *gin.Engine, addr string, cfg Config) error

RunGinConfig is RunGin with an explicit configuration.

func ServerTLSConfig ¶

func ServerTLSConfig(cfg Config) (*tls.Config, error)

ServerTLSConfig returns TLS settings for backend services (require gateway client cert).

Types ¶

type Config ¶

type Config = config.MTLSConfiguration

Config is the mTLS configuration loaded from the central config package.

func LoadConfig ¶

func LoadConfig() Config

LoadConfig returns mTLS settings from the global config package.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL