From cbc33fc9282bab1678ef295ea1c9d66e89590a55 Mon Sep 17 00:00:00 2001
From: simonzhangsz
Date: Wed, 23 Aug 2023 16:33:53 +0800
Subject: [PATCH] d

---
 restagent/restagent.go | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/restagent/restagent.go b/restagent/restagent.go
index f19f96ea..94011906 100644
--- a/restagent/restagent.go
+++ b/restagent/restagent.go
@@ -1,6 +1,8 @@
 package main
 
 import (
+ "crypto/tls"
+ "crypto/x509"
 "fmt"
 "net"
 "net/http"
@@ -79,6 +81,35 @@ func HttpListenTLS(addr, certFile, keyFile string, router http.Handler) {
 }
 }
 
+func HttpListenConfigTLS(addr, caFile, certFile, keyFile string, router http.Handler) {
+ // 加载根证书
+ caCert, err := os.ReadFile(caFile)
+ if err != nil {
+ log.Fatal(err)
+ }
+ caCertPool := x509.NewCertPool()
+ caCertPool.AppendCertsFromPEM(caCert)
+
+ // 创建自定义的TLS配置
+ tlsConfig := &tls.Config{
+ ClientCAs: caCertPool,
+ ClientAuth: tls.RequireAndVerifyClientCert,
+ }
+
+ // 创建HTTP服务器
+ server := &http.Server{
+ Addr: addr,
+ Handler: router,
+ TLSConfig: tlsConfig,
+ }
+
+ err = server.ListenAndServeTLS(certFile, keyFile)
+ if err != nil {
+ fmt.Println("ListenAndServeTLS err:", err)
+ os.Exit(6)
+ }
+}
+
 func main() {
 conf := config.GetYamlConfig()
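Review bot: The boolean returned by `caCertPool.AppendCertsFromPEM(caCert)` in HttpListenConfigTLS is discarded, so a CA file with no parsable PEM certificate leaves ClientCAs empty and, with `tls.RequireAndVerifyClientCert`, every client handshake fails while startup reports nothing; check the result and exit with an error that names caFile. The tls.Config sets no `MinVersion`, so the protocol floor depends on the Go toolchain's default, and the http.Server sets no timeouts, so a connection that stalls during the TLS handshake or while sending request headers is held open indefinitely. Any certificate that chains to the CA is accepted, so if handlers need per-client authorization it has to come from the peer certificate in the request's TLS state, which this hunk does not show. The timeout below assumes `time` is imported, and the import block continues outside the first hunk.

```go
	// … unchanged: read caFile into caCert …
	caCertPool := x509.NewCertPool()
	if !caCertPool.AppendCertsFromPEM(caCert) {
		log.Fatal(fmt.Errorf("no CA certificates parsed from %s", caFile))
	}

	tlsConfig := &tls.Config{
		// … unchanged: ClientCAs, ClientAuth …
		MinVersion: tls.VersionTLS12,
	}

	server := &http.Server{
		// … unchanged: Addr, Handler, TLSConfig …
		// Suggested value; net/http also uses it to bound the TLS handshake.
		ReadHeaderTimeout: 10 * time.Second,
	}
	// … unchanged: ListenAndServeTLS call and error exit …
```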