github.com/bingoohuang/gg@v0.0.0-20240325092523-45da7dee9335/pkg/kafka/tlsconfig.go (about)

     1  package kafka
     2  
     3  import (
     4  	"crypto/tls"
     5  	"crypto/x509"
     6  	"io/ioutil"
     7  	"log"
     8  )
     9  
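    // TlsConfig names the PEM files from which Create builds a *tls.Config
    // carrying a client certificate and a dedicated root CA pool.
    //
    // Field order is kept stable so existing unkeyed literals keep compiling.
    type TlsConfig struct {
    	// CaFile is the path of a PEM bundle whose certificates become RootCAs.
    	CaFile string
    	// CertFile is the path of the PEM certificate loaded together with KeyFile.
    	CertFile string
    	// KeyFile is the path of the PEM private key loaded together with CertFile.
    	// It holds secret key material, so its file permissions should be restrictive.
    	KeyFile string
    	// InsecureSkipVerify is copied verbatim into tls.Config. When true the
    	// peer's certificate chain and host name are not verified, so RootCAs gives
    	// no protection against an intercepting peer; keep it false outside tests.
    	InsecureSkipVerify bool
    }

    // Create builds the *tls.Config described by tc.
    //
    // It returns nil unless CaFile, CertFile and KeyFile are all non-empty, and
    // InsecureSkipVerify is ignored on that path too. A partially filled
    // configuration is reported through the standard logger, because the caller
    // then receives no TLS settings at all rather than a reduced TLS setup.
    // NOTE(review): what callers do with a nil result (presumably connect
    // without TLS) is not visible here; confirm against the call sites.
    //
    // A key pair or CA file that cannot be loaded terminates the process through
    // log.Fatalf, since Create has no error return.
    func (tc TlsConfig) Create() *tls.Config {
    	if tc.CertFile == "" || tc.KeyFile == "" || tc.CaFile == "" {
    		if tc.CertFile != "" || tc.KeyFile != "" || tc.CaFile != "" {
    			// Some paths were given but not all three: make the silent
    			// "no TLS config" outcome visible to the operator.
    			log.Print("kafka tls: CaFile, CertFile and KeyFile must all be set; " +
    				"incomplete settings ignored, no TLS config created")
    		}
    		return nil
    	}

    	cert, err := tls.LoadX509KeyPair(tc.CertFile, tc.KeyFile)
    	if err != nil {
    		log.Fatalf("kafka tls: load key pair (cert %q, key %q): %v", tc.CertFile, tc.KeyFile, err)
    	}

    	caCert, err := ioutil.ReadFile(tc.CaFile)
    	if err != nil {
    		log.Fatalf("kafka tls: read CA file: %v", err)
    	}

    	pool := x509.NewCertPool()
    	if !pool.AppendCertsFromPEM(caCert) {
    		// An empty, non-nil RootCAs pool rejects every peer certificate later
    		// with a generic "unknown authority" error; name the real cause here.
    		if !tc.InsecureSkipVerify {
    			log.Fatalf("kafka tls: no certificate could be parsed from CA file %q", tc.CaFile)
    		}
    		// With verification disabled the pool is never consulted, so only warn
    		// to keep configurations that worked before from aborting.
    		log.Printf("kafka tls: no certificate could be parsed from CA file %q (unused while InsecureSkipVerify is set)", tc.CaFile)
    	}

    	return &tls.Config{
    		Certificates:       []tls.Certificate{cert},
    		RootCAs:            pool,
    		InsecureSkipVerify: tc.InsecureSkipVerify,
    	}
    }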