1
0
mirror of https://github.com/astaxie/beego.git synced 2024-12-22 17:30:50 +00:00

添加对 BConfig.Listen.ClientAuth 字段的逻辑处理。当指定了该配置时,使用配置的值来作为验证客户端的方式。如果没指定,使用默认值 tls.RequireAndVerifyClientCert

This commit is contained in:
Mr. Myy 2020-07-30 10:53:30 +08:00 committed by GitHub
parent 7d561607d8
commit 15e11931fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

9
app.go
View File

@ -195,10 +195,15 @@ func (app *App) Run(mws ...MiddleWare) {
return
}
pool.AppendCertsFromPEM(data)
app.Server.TLSConfig = &tls.Config{
tlsConfig := tls.Config{
ClientCAs: pool,
ClientAuth: tls.RequireAndVerifyClientCert,
}
if string(BConfig.Listen.ClientAuth) != "" {
tslConfig.ClientAuth = BConfig.Listen.ClientAuth
} else {
tslConfig.ClientAuth = tls.RequireAndVerifyClientCert
}
app.Server.TLSConfig = &tslConfig
}
if err := app.Server.ListenAndServeTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile); err != nil {
logs.Critical("ListenAndServeTLS: ", err)