mirror of
https://github.com/astaxie/beego.git
synced 2024-11-22 03:30:57 +00:00
添加对 BConfig.Listen.ClientAuth 字段的逻辑处理。当指定了该配置时,使用配置的值来作为验证客户端的方式。如果没指定,使用默认值 tls.RequireAndVerifyClientCert
This commit is contained in:
parent
7d561607d8
commit
15e11931fc
9
app.go
9
app.go
@ -195,10 +195,15 @@ func (app *App) Run(mws ...MiddleWare) {
|
||||
return
|
||||
}
|
||||
pool.AppendCertsFromPEM(data)
|
||||
app.Server.TLSConfig = &tls.Config{
|
||||
tlsConfig := tls.Config{
|
||||
ClientCAs: pool,
|
||||
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||
}
|
||||
if string(BConfig.Listen.ClientAuth) != "" {
|
||||
tslConfig.ClientAuth = BConfig.Listen.ClientAuth
|
||||
} else {
|
||||
tslConfig.ClientAuth = tls.RequireAndVerifyClientCert
|
||||
}
|
||||
app.Server.TLSConfig = &tslConfig
|
||||
}
|
||||
if err := app.Server.ListenAndServeTLS(BConfig.Listen.HTTPSCertFile, BConfig.Listen.HTTPSKeyFile); err != nil {
|
||||
logs.Critical("ListenAndServeTLS: ", err)
|
||||
|
Loading…
Reference in New Issue
Block a user